A vnode pager and a shared libraries cache (Slava Imameev, 2018-09-25)<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, system-ui, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
A step-by-step description of how to find the vnode backing a memory mapping for a particular address. Let's find the vnode behind the address <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">0x0007fff51b41000</code>, which according to <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">vmmap</code> output belongs to the <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">__TEXT</code> segment mapping of <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">/usr/lib/libSystem.B.dylib</code>.</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, system-ui, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
Let's locate a task, <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">ping</code> in this case.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: 1.45; margin-bottom: 16px; overflow-wrap: normal; overflow: auto; padding: 16px;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow-wrap: normal; overflow: visible; padding: 0px; word-break: normal;">(lldb) showalltasks
task vm_map ipc_space #acts flags pid process io_policy wq_state command
....
0xffffff803e0ce7a0 0xffffff803e957200 0xffffff803e93a9c0 1 D 594 0xffffff803fc986d0 -1 -1 -1 ping
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, system-ui, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
Next we inspect its <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">vm_map</code> (the <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">vm_map</code> column of the task listing above).</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: 1.45; margin-bottom: 16px; overflow-wrap: normal; overflow: auto; padding: 16px;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow-wrap: normal; overflow: visible; padding: 0px; word-break: normal;">(lldb) showmapvme 0xffffff803e957200
vm_map pmap size #ents rsize start:end
0xffffff803e957200 0xffffff803e954c90 0x00000001051cd000 37 202 0x00000001087f3000:0x00007fffffe00000
entry start:end #pgs tag.kmod prot&flags object offset
0xffffff803eb47640 0x00000001087f3000:0x00000001087f9000 6 0 57 0xffffff8045dd5700 0x0
0xffffff803eb47910 0x00000001087f9000:0x00000001087fa000 1 0 37 0xffffff8044538800 0x0
0xffffff803eb47050 0x00000001087fa000:0x000000010880a000 16 0 37 0xffffff8044538000 0x0
0xffffff803f789550 0x000000010880a000:0x000000010880e000 4 0 17n 0xffffff8044538500 0x7000
0xffffff803f789be0 0x000000010880e000:0x0000000108810000 2 73 37 0xffffff8044538200 0x0
0xffffff803ef8e550 0x0000000108810000:0x0000000108811000 1 1 17n 0xffffff8044538900 0x0
0xffffff803ad2b320 0x0000000108811000:0x0000000108812000 1 1 37n 0xffffff8044538900 0x1000
0xffffff803f789e10 0x0000000108812000:0x0000000108813000 1 1 07 0xffffff8044538900 0x2000
0xffffff803690c820 0x0000000108813000:0x0000000108817000 4 1 37n 0xffffff8044538900 0x3000
0xffffff803f789000 0x0000000108817000:0x0000000108818000 1 1 07 0xffffff8044538900 0x7000
0xffffff803690ca00 0x0000000108818000:0x0000000108819000 1 1 07 0x0000000000000000 0x0
0xffffff803ef8eb90 0x0000000108819000:0x000000010881d000 4 1 37n 0xffffff8044538100 0x0
0xffffff803ef8e230 0x000000010881d000:0x000000010881e000 1 1 07 0x0000000000000000 0x5000
0xffffff80367b6140 0x000000010881e000:0x000000010881f000 1 1 17 0xffffff8044538a00 0x0
0xffffff803d1e72d0 0x000000010881f000:0x0000000108820000 1 0 13 0xffffff80368b8400 0x0
------------------ 0x0000000108820000:0x000000011852a000 64778
0xffffff803f789230 0x000000011852a000:0x0000000118575000 75 0 57 0xffffff8045dd5b00 0x0
0xffffff803f789dc0 0x0000000118575000:0x0000000118578000 3 0 37 0xffffff8044538700 0x0
0xffffff803f7895f0 0x0000000118578000:0x00000001185ad000 53 0 37 0xffffff8044538400 0x0
0xffffff803f7895a0 0x00000001185ad000:0x00000001185c8000 27 0 17n 0xffffff8035f2e300 0x4f000
------------------ 0x00000001185c8000:0x00007fb925c00000 34284295736
0xffffff80367b6230 0x00007fb925c00000:0x00007fb925d00000 256 7 37n 0xffffff8044538b00 0x0
0xffffff803d1e7320 0x00007fb925d00000:0x00007fb925e00000 256 7 37n 0xffffff8044537f00 0x0
0xffffff803f9ee3c0 0x00007fb925e00000:0x00007fb925f00000 256 7 37 0xffffff8044537e00 0x0
------------------ 0x00007fb925f00000:0x00007fb926000000 256
0xffffff803ad2bd70 0x00007fb926000000:0x00007fb926800000 2048 2 37 0xffffff8044538c00 0x0
0xffffff803f9eeaf0 0x00007fb926800000:0x00007fb927000000 2048 2 37n 0xffffff8044537200 0x0
------------------ 0x00007fb927000000:0x00007ffee340d000 73122829
0xffffff803f789730 0x00007ffee340d000:0x00007ffee6c0d000 14336 30 07 0x0000000000000000 0x0
0xffffff803f789a50 0x00007ffee6c0d000:0x00007ffee740d000 2048 30 37 0xffffff8044538600 0x0
------------------ 0x00007ffee740d000:0x00007fff00000000 101363
0xffffff803f789d20 0x00007fff00000000:0x00007fff80000000 524288 32 17snp submap:0xffffff8035fa3600 0x0
0xffffff803ad2b000 0x00007fff80000000:0x00007fff8be00000 48640 35 17sn submap:0xffffff8035fa3600 0x80000000
0xffffff803ad2b2d0 0x00007fff8be00000:0x00007fff8c000000 512 35 37 0xffffff8044538e00 0x0
0xffffff803ad2b780 0x00007fff8c000000:0x00007fff8c200000 512 35 17sn submap:0xffffff8035fa3600 0x8c000000
0xffffff803ad2b280 0x00007fff8c200000:0x00007fff8c400000 512 35 37 0xffffff8044538f00 0x0
0xffffff803f7899b0 0x00007fff8c400000:0x00007fff8c600000 512 35 37 0xffffff8044538d00 0x0
0xffffff803f789d70 0x00007fff8c600000:0x00007fff8c69b000 155 35 37 0xffffff8044538300 0x0
0xffffff803f789960 0x00007fff8c69b000:0x00007fffc0000000 211301 35 17sn submap:0xffffff8035fa3600 0x8c69b000
0xffffff803f789aa0 0x00007fffc0000000:0x00007fffffe00000 261632 32 17snp submap:0xffffff8035fa3600 0xc0000000
0xffffff803f789fa0 0x00007fffffe00000:0x00007fffffe01000 1 0 11s submap:0xffffff802d4e1a20 0x0
------------------ 0x00007fffffe01000:0x00007fffffeb6000 181
0xffffff803f7892d0 0x00007fffffeb6000:0x00007fffffeb7000 1 0 55s submap:0xffffff802d4e1c20 0x0
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, system-ui, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The address we are looking for falls into the entry <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">0x00007fff00000000:0x00007fff80000000</code>, which is backed by the submap <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">0xffffff8035fa3600</code> at offset 0x0; the address therefore corresponds to <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">0x51b41000</code> within the submap. Let's inspect this submap.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: 1.45; margin-bottom: 16px; overflow-wrap: normal; overflow: auto; padding: 16px;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow-wrap: normal; overflow: visible; padding: 0px; word-break: normal;">(lldb) showmapvme -v 0xffffff8035fa3600
vm_map pmap size #ents rsize start:end
0xffffff8035fa3600 0xffffff80353d9598 0x0000000045704000 62 34581 0x0000000000000000:0x00000000ffe00000
entry start:end #pgs tag.kmod prot&flags object offset
------------------ 0x0000000000000000:0x0000000024192000 147858
0xffffff8036052780 0x0000000024192000:0x000000005421f000 196749 0 55n 0xffffff8035fa4500 0x0
------------------ 0x000000005421f000:0x0000000084192000 196467
0xffffff803b1f9690 0x0000000084192000:0x0000000084200000 110 0 33n 0xffffff8035fa4500 0x3008d000
0xffffff803b1f9f50 0x0000000084200000:0x0000000084400000 512 0 33n 0xffffff8035fa4500 0x300fb000
0xffffff803621f960 0x0000000084400000:0x0000000084600000 512 0 33n 0xffffff8035fa4500 0x302fb000
0xffffff803b24baa0 0x0000000084600000:0x0000000084800000 512 0 33n 0xffffff8035fa4500 0x304fb000
0xffffff803b24bb40 0x0000000084800000:0x0000000084a00000 512 0 33n 0xffffff8035fa4500 0x306fb000
0xffffff803b24b910 0x0000000084a00000:0x0000000085400000 2560 0 33n 0xffffff8035fa4500 0x308fb000
0xffffff803b24b8c0 0x0000000085400000:0x0000000085600000 512 0 33n 0xffffff8035fa4500 0x312fb000
0xffffff8036b19410 0x0000000085600000:0x0000000085800000 512 0 33n 0xffffff8035fa4500 0x314fb000
0xffffff803c9b10f0 0x0000000085800000:0x0000000085a00000 512 0 33n 0xffffff8035fa4500 0x316fb000
0xffffff803621fb40 0x0000000085a00000:0x0000000085c00000 512 0 33n 0xffffff8035fa4500 0x318fb000
0xffffff803621f690 0x0000000085c00000:0x0000000085e00000 512 0 33n 0xffffff8035fa4500 0x31afb000
0xffffff80361cbc80 0x0000000085e00000:0x0000000086000000 512 0 33n 0xffffff8035fa4500 0x31cfb000
0xffffff803621f370 0x0000000086000000:0x0000000086200000 512 0 33n 0xffffff8035fa4500 0x31efb000
0xffffff803621f6e0 0x0000000086200000:0x0000000086400000 512 0 33n 0xffffff8035fa4500 0x320fb000
0xffffff803621f0f0 0x0000000086400000:0x0000000086600000 512 0 33n 0xffffff8035fa4500 0x322fb000
0xffffff8036052d20 0x0000000086600000:0x0000000086800000 512 0 33n 0xffffff8035fa4500 0x324fb000
0xffffff803b24b9b0 0x0000000086800000:0x0000000086e00000 1536 0 33n 0xffffff8035fa4500 0x326fb000
0xffffff8037bd0f00 0x0000000086e00000:0x0000000087000000 512 0 33n 0xffffff8035fa4500 0x32cfb000
0xffffff8037fb1dc0 0x0000000087000000:0x0000000087200000 512 0 33n 0xffffff8035fa4500 0x32efb000
0xffffff803687b190 0x0000000087200000:0x0000000087400000 512 0 33n 0xffffff8035fa4500 0x330fb000
0xffffff80390b2f00 0x0000000087400000:0x0000000087600000 512 0 33n 0xffffff8035fa4500 0x332fb000
0xffffff803621f550 0x0000000087600000:0x0000000087800000 512 0 33n 0xffffff8035fa4500 0x334fb000
0xffffff803908a0a0 0x0000000087800000:0x0000000087c00000 1024 0 33n 0xffffff8035fa4500 0x336fb000
0xffffff80375d5820 0x0000000087c00000:0x0000000087e00000 512 0 33n 0xffffff8035fa4500 0x33afb000
0xffffff8037f0fb90 0x0000000087e00000:0x0000000088000000 512 0 33n 0xffffff8035fa4500 0x33cfb000
0xffffff803724ddc0 0x0000000088000000:0x0000000088200000 512 0 33n 0xffffff8035fa4500 0x33efb000
0xffffff803b11ac30 0x0000000088200000:0x0000000088400000 512 0 33n 0xffffff8035fa4500 0x340fb000
0xffffff8036c39870 0x0000000088400000:0x0000000088600000 512 0 33n 0xffffff8035fa4500 0x342fb000
0xffffff8038010500 0x0000000088600000:0x0000000088800000 512 0 33n 0xffffff8035fa4500 0x344fb000
0xffffff8036c390f0 0x0000000088800000:0x0000000088a00000 512 0 33n 0xffffff8035fa4500 0x346fb000
0xffffff8037c577d0 0x0000000088a00000:0x0000000088c00000 512 0 33n 0xffffff8035fa4500 0x348fb000
0xffffff80390b2be0 0x0000000088c00000:0x0000000088e00000 512 0 33n 0xffffff8035fa4500 0x34afb000
0xffffff803908a820 0x0000000088e00000:0x0000000089000000 512 0 33n 0xffffff8035fa4500 0x34cfb000
0xffffff803b11ac80 0x0000000089000000:0x0000000089200000 512 0 33n 0xffffff8035fa4500 0x34efb000
0xffffff803b24ba00 0x0000000089200000:0x0000000089400000 512 0 33n 0xffffff8035fa4500 0x350fb000
0xffffff803621f410 0x0000000089400000:0x0000000089600000 512 0 33n 0xffffff8035fa4500 0x352fb000
0xffffff803b24ba50 0x0000000089600000:0x0000000089800000 512 0 33n 0xffffff8035fa4500 0x354fb000
0xffffff8037c57410 0x0000000089800000:0x0000000089a00000 512 0 33n 0xffffff8035fa4500 0x356fb000
0xffffff8036922280 0x0000000089a00000:0x0000000089c00000 512 0 33n 0xffffff8035fa4500 0x358fb000
0xffffff803843de10 0x0000000089c00000:0x0000000089e00000 512 0 33n 0xffffff8035fa4500 0x35afb000
0xffffff803908a730 0x0000000089e00000:0x000000008a000000 512 0 33n 0xffffff8035fa4500 0x35cfb000
0xffffff8037f42410 0x000000008a000000:0x000000008a200000 512 0 33n 0xffffff8035fa4500 0x35efb000
0xffffff803cd14a50 0x000000008a200000:0x000000008a400000 512 0 33n 0xffffff8035fa4500 0x360fb000
0xffffff803a407a00 0x000000008a400000:0x000000008a600000 512 0 33n 0xffffff8035fa4500 0x362fb000
0xffffff803b24bbe0 0x000000008a600000:0x000000008a800000 512 0 33n 0xffffff8035fa4500 0x364fb000
0xffffff803908aaa0 0x000000008a800000:0x000000008aa00000 512 0 33n 0xffffff8035fa4500 0x366fb000
0xffffff803b24b4b0 0x000000008aa00000:0x000000008ac00000 512 0 33n 0xffffff8035fa4500 0x368fb000
0xffffff80390b2140 0x000000008ac00000:0x000000008ae00000 512 0 33n 0xffffff8035fa4500 0x36afb000
0xffffff803ad2ba00 0x000000008ae00000:0x000000008b200000 1024 0 33n 0xffffff8035fa4500 0x36cfb000
0xffffff80390b2820 0x000000008b200000:0x000000008b400000 512 0 33n 0xffffff8035fa4500 0x370fb000
0xffffff8037cc2280 0x000000008b400000:0x000000008b600000 512 0 33n 0xffffff8035fa4500 0x372fb000
0xffffff80361cb6e0 0x000000008b600000:0x000000008b800000 512 0 33n 0xffffff8035fa4500 0x374fb000
0xffffff80390b2af0 0x000000008b800000:0x000000008ba00000 512 0 33n 0xffffff8035fa4500 0x376fb000
0xffffff803690c1e0 0x000000008ba00000:0x000000008bc00000 512 0 33n 0xffffff8035fa4500 0x378fb000
0xffffff803680e460 0x000000008bc00000:0x000000008be00000 512 0 33n 0xffffff8035fa4500 0x37afb000
0xffffff80361cbd20 0x000000008be00000:0x000000008c000000 512 0 33n 0xffffff8035fa4500 0x37cfb000
0xffffff8036052a50 0x000000008c000000:0x000000008c200000 512 0 33n 0xffffff8035fa4500 0x37efb000
0xffffff8037ce4c30 0x000000008c200000:0x000000008c400000 512 0 33n 0xffffff8035fa4500 0x380fb000
0xffffff80360521e0 0x000000008c400000:0x000000008c600000 512 0 33n 0xffffff8035fa4500 0x382fb000
0xffffff803621f5a0 0x000000008c600000:0x000000008c69b000 155 0 33n 0xffffff8035fa4500 0x384fb000
------------------ 0x000000008c69b000:0x00000000c4192000 228087
0xffffff80360526e0 0x00000000c4192000:0x00000000d1300000 53614 0 11n 0xffffff8035fa4500 0x38596000
------------------ 0x00000000d1300000:0x00000000ffe00000 191232
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, system-ui, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The address we are looking for (<code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">0x51b41000</code> within the submap) falls into the entry <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">0x0000000024192000:0x000000005421f000</code> and is backed by the <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">vm_object</code> 0xffffff8035fa4500. Let's print it out.</div>
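The two-level lookup performed by hand above (task map entry → submap entry → vm_object and offset) can be automated over saved <code>showmapvme</code> output. The script below is an added example written for this post, not code from the original article or from xnu's lldbmacros; it parses the listing format shown above, walks <code>submap:</code> entries by translating the address with the entry's offset, stops at the first entry backed by a plain <code>vm_object</code>, and reports a miss when the address lands in a hole (the <code>------------------</code> lines). The embedded listings are constructed excerpts of the two listings in this post, trimmed to the entries around the address of interest.

```python
import re
from dataclasses import dataclass
from typing import Dict, List

# Constructed excerpts of the two showmapvme listings from the post (the ping task's
# vm_map and the shared-region submap), trimmed to the entries near 0x7fff51b41000.
TASK_MAP_LISTING = """\
(lldb) showmapvme 0xffffff803e957200
vm_map pmap size #ents rsize start:end
0xffffff803e957200 0xffffff803e954c90 0x00000001051cd000 37 202 0x00000001087f3000:0x00007fffffe00000
entry start:end #pgs tag.kmod prot&flags object offset
0xffffff803eb47640 0x00000001087f3000:0x00000001087f9000 6 0 57 0xffffff8045dd5700 0x0
------------------ 0x0000000108820000:0x000000011852a000 64778
0xffffff803f789d20 0x00007fff00000000:0x00007fff80000000 524288 32 17snp submap:0xffffff8035fa3600 0x0
0xffffff803ad2b000 0x00007fff80000000:0x00007fff8be00000 48640 35 17sn submap:0xffffff8035fa3600 0x80000000
0xffffff803ad2b2d0 0x00007fff8be00000:0x00007fff8c000000 512 35 37 0xffffff8044538e00 0x0
"""

SUBMAP_LISTING = """\
(lldb) showmapvme -v 0xffffff8035fa3600
vm_map pmap size #ents rsize start:end
0xffffff8035fa3600 0xffffff80353d9598 0x0000000045704000 62 34581 0x0000000000000000:0x00000000ffe00000
entry start:end #pgs tag.kmod prot&flags object offset
------------------ 0x0000000000000000:0x0000000024192000 147858
0xffffff8036052780 0x0000000024192000:0x000000005421f000 196749 0 55n 0xffffff8035fa4500 0x0
------------------ 0x000000005421f000:0x0000000084192000 196467
0xffffff803b1f9690 0x0000000084192000:0x0000000084200000 110 0 33n 0xffffff8035fa4500 0x3008d000
"""

# One vm_map_entry line: entry addr, start:end, #pgs, tag.kmod, prot&flags, [submap:]object, offset.
ENTRY_RE = re.compile(
    r"^(?P<entry>0x[0-9a-f]+) (?P<start>0x[0-9a-f]+):(?P<end>0x[0-9a-f]+) "
    r"(?P<pgs>\d+) (?P<tag>\d+) (?P<prot>\S+) (?P<submap>submap:)?(?P<backing>0x[0-9a-f]+) "
    r"(?P<offset>0x[0-9a-f]+)$"
)
# The vm_map summary line: map addr, pmap, size, #ents, rsize, start:end.
MAP_RE = re.compile(
    r"^(?P<map>0x[0-9a-f]+) 0x[0-9a-f]+ 0x[0-9a-f]+ \d+ \d+ (?P<start>0x[0-9a-f]+):(?P<end>0x[0-9a-f]+)$"
)


@dataclass
class MapEntry:
    entry: int          # vm_map_entry address
    start: int
    end: int
    prot_flags: str
    is_submap: bool
    backing: int        # vm_object address, or the submap's vm_map address when is_submap
    offset: int         # offset into the object (or address inside the submap) at `start`

    def contains(self, addr: int) -> bool:
        return self.start <= addr < self.end


@dataclass
class VmMap:
    address: int
    entries: List[MapEntry]


@dataclass
class Resolution:
    vm_object: int
    offset: int         # offset of the address inside the vm_object
    chain: List[int]    # vm_map_entry addresses traversed, outermost map first


def parse_showmapvme(text: str) -> VmMap:
    """Parse one showmapvme listing. Hole lines, headers and the lldb prompt are skipped."""
    address, entries = None, []
    for line in text.splitlines():
        line = line.strip()
        m = MAP_RE.match(line)
        if m:
            address = int(m["map"], 16)
            continue
        m = ENTRY_RE.match(line)
        if m:
            entries.append(MapEntry(int(m["entry"], 16), int(m["start"], 16), int(m["end"], 16),
                                    m["prot"], m["submap"] is not None,
                                    int(m["backing"], 16), int(m["offset"], 16)))
    if address is None:
        raise ValueError("no vm_map summary line found in listing")
    entries.sort(key=lambda e: e.start)
    return VmMap(address, entries)


def load_maps(*listings: str) -> Dict[int, VmMap]:
    """Index parsed listings by vm_map address so submaps can be followed."""
    return {m.address: m for m in (parse_showmapvme(t) for t in listings)}


def resolve_address(maps: Dict[int, VmMap], map_addr: int, addr: int, max_depth: int = 8) -> Resolution:
    """Follow submap entries until addr is backed by a vm_object; raise LookupError for holes."""
    chain: List[int] = []
    for _ in range(max_depth):
        vm_map = maps.get(map_addr)
        if vm_map is None:
            raise KeyError(f"no listing loaded for vm_map {map_addr:#x}")
        entry = next((e for e in vm_map.entries if e.contains(addr)), None)
        if entry is None:
            raise LookupError(f"{addr:#x} is not mapped in vm_map {map_addr:#x}")
        chain.append(entry.entry)
        # The entry's offset is where `start` lands inside the object or submap.
        offset = entry.offset + (addr - entry.start)
        if not entry.is_submap:
            return Resolution(entry.backing, offset, chain)
        map_addr, addr = entry.backing, offset   # descend into the submap
    raise RuntimeError("submap nesting deeper than max_depth")


if __name__ == "__main__":
    maps = load_maps(TASK_MAP_LISTING, SUBMAP_LISTING)
    r = resolve_address(maps, 0xffffff803e957200, 0x7fff51b41000)
    print(f"vm_object {r.vm_object:#x} offset {r.offset:#x} via {[hex(e) for e in r.chain]}")
```

For the address from this post the script arrives at vm_object 0xffffff8035fa4500 at offset 0x2d9af000, through entries 0xffffff803f789d20 and 0xffffff8036052780, which is the same object the manual walk reaches; the shadow chain and pager still have to be read from the vm_object itself, as in the following steps.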
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: 1.45; margin-bottom: 16px; overflow-wrap: normal; overflow: auto; padding: 16px;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow-wrap: normal; overflow: visible; padding: 0px; word-break: normal;">(lldb) p *(vm_object_t)0xffffff8035fa4500
(vm_object) $49 = {
memq = (next = 47704340, prev = 47704340)
Lock = {
= {
lck_rw_shared_count = 0
lck_rw_interlock = '\0'
lck_rw_priv_excl = '\x01'
lck_rw_want_upgrade = '\0'
lck_rw_want_write = '\0'
lck_r_waiting = '\0'
lck_w_waiting = '\0'
lck_rw_can_sleep = '\x01'
lck_rw_padb6 = '\0'
lck_rw_tag = 0
lck_rw_owner = 0x0000000000000000
}
= (data = 553648128, lck_rw_pad4 = 0, lck_rw_pad8 = 0, lck_rw_pad12 = 0)
}
Lock_owner = 0x0000000000000000
vo_un1 = (vou_size = 1164984320, vou_cache_pages_to_scan = 1164984320)
memq_hint = 0x0000000000000000
ref_count = 4877
resident_page_count = 0
wired_page_count = 0
reusable_page_count = 0
copy = 0x0000000000000000
shadow = 0xffffff8035fa4300
vo_un2 = {
vou_shadow_offset = 0
vou_cache_ts = 0
vou_purgeable_owner = 0x0000000000000000
vou_slide_info = 0x0000000000000000
}
pager = 0x0000000000000000
paging_offset = 0
pager_control = 0x0000000000000000
copy_strategy = 4
paging_in_progress = 0
__object1_unused_bits = 0
activity_in_progress = 0
all_wanted = 0
pager_created = 0
pager_initialized = 0
pager_ready = 0
pager_trusted = 0
can_persist = 0
internal = 1
private = 0
pageout = 0
alive = 1
purgable = 3
purgeable_only_by_kernel = 0
purgeable_when_ripe = 0
shadowed = 1
true_share = 0
terminating = 0
named = 0
shadow_severed = 0
phys_contiguous = 0
nophyscache = 0
_object5_unused_bits = 0
cached_list = {
next = 0x0000000000000000
prev = 0x0000000000000000
}
last_alloc = 0
sequential = 0
pages_created = 0
pages_used = 0
cow_hint = 0xffffffffffffffff
wimg_bits = 128
code_signed = 0
transposed = 0
mapping_in_progress = 0
phantom_isssd = 0
volatile_empty = 0
volatile_fault = 0
all_reusable = 0
blocked_access = 0
set_cache_attr = 0
object_slid = 0
purgeable_queue_type = 3
purgeable_queue_group = 0
io_tracking = 0
no_tag_update = 0
__object3_unused_bits = 0
__object2_unused_bits = 0
scan_collisions = '\0'
wire_tag = 0
__object4_unused_bits = ([0] = '\0', [1] = '\0')
phantom_object_id = 0
uplq = {
next = 0xffffff8035fa45c0
prev = 0xffffff8035fa45c0
}
objq = {
next = 0x0000000000000000
prev = 0x0000000000000000
}
task_objq = {
next = 0x0000000000000000
prev = 0x0000000000000000
}
}
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, system-ui, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The pager is NULL (<code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">pager = 0x0000000000000000</code>) and this object is in turn backed by the shadow object 0xffffff8035fa4300. Let's switch to this object.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: 1.45; margin-bottom: 16px; overflow-wrap: normal; overflow: auto; padding: 16px;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow-wrap: normal; overflow: visible; padding: 0px; word-break: normal;">(lldb) p *(vm_object_t)0xffffff8035fa4300
(vm_object) $50 = {
memq = (next = 2148243131, prev = 2148236198)
Lock = {
= {
lck_rw_shared_count = 0
lck_rw_interlock = '\0'
lck_rw_priv_excl = '\x01'
lck_rw_want_upgrade = '\0'
lck_rw_want_write = '\0'
lck_r_waiting = '\0'
lck_w_waiting = '\0'
lck_rw_can_sleep = '\x01'
lck_rw_padb6 = '\0'
lck_rw_tag = 0
lck_rw_owner = 0x0000000000000000
}
= (data = 553648128, lck_rw_pad4 = 0, lck_rw_pad8 = 0, lck_rw_pad12 = 0)
}
Lock_owner = 0x0000000000000000
vo_un1 = (vou_size = 0, vou_cache_pages_to_scan = 0)
memq_hint = 0xffffff80301495d0
ref_count = 3
resident_page_count = 116984
wired_page_count = 0
reusable_page_count = 0
copy = 0xffffff8035fa4500
shadow = 0x0000000000000000
vo_un2 = {
vou_shadow_offset = 18446743524858593968
vou_cache_ts = 18446743524858593968
vou_purgeable_owner = 0xffffff8035ef02b0
vou_slide_info = 0xffffff8035ef02b0
}
pager = 0xffffff8035f3b8c0
paging_offset = 0
pager_control = 0xffffff80359d65a0
copy_strategy = 2
paging_in_progress = 0
__object1_unused_bits = 0
activity_in_progress = 0
all_wanted = 0
pager_created = 1
pager_initialized = 1
pager_ready = 1
pager_trusted = 0
can_persist = 1
internal = 0
private = 0
pageout = 0
alive = 1
purgable = 3
purgeable_only_by_kernel = 0
purgeable_when_ripe = 0
shadowed = 0
true_share = 0
terminating = 0
named = 1
shadow_severed = 0
phys_contiguous = 0
nophyscache = 0
_object5_unused_bits = 0
cached_list = {
next = 0x0000000000000000
prev = 0x0000000000000000
}
last_alloc = 836317184
sequential = 0
pages_created = 123988
pages_used = 50061
cow_hint = 0xffffffffffffffff
wimg_bits = 128
code_signed = 1
transposed = 0
mapping_in_progress = 0
phantom_isssd = 0
volatile_empty = 0
volatile_fault = 0
all_reusable = 0
blocked_access = 0
set_cache_attr = 0
object_slid = 1
purgeable_queue_type = 3
purgeable_queue_group = 0
io_tracking = 0
no_tag_update = 0
__object3_unused_bits = 0
__object2_unused_bits = 0
scan_collisions = '\0'
wire_tag = 0
__object4_unused_bits = ([0] = '\0', [1] = '\0')
phantom_object_id = 5
uplq = {
next = 0xffffff8035fa43c0
prev = 0xffffff8035fa43c0
}
objq = {
next = 0x0000000000000000
prev = 0x0000000000000000
}
task_objq = {
next = 0x0000000000000000
prev = 0x0000000000000000
}
}
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, system-ui, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
Now we have a valid pager. Let's inspect it.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: 1.45; margin-bottom: 16px; overflow-wrap: normal; overflow: auto; padding: 16px;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow-wrap: normal; overflow: visible; padding: 0px; word-break: normal;">(lldb) p *(memory_object_t)0xffffff8035f3b8c0
(memory_object) $51 = {
mo_ikot = 11
mo_pager_ops = 0xffffff80298cae70
mo_control = 0xffffff80359d65a0
}
(lldb) p *((memory_object_t)0xffffff8035f3b8c0)->mo_pager_ops
(const memory_object_pager_ops) $52 = {
memory_object_reference = 0xffffff8028dfcc10 (kernel.development`vnode_pager_reference at bsd_vm.c:648)
memory_object_deallocate = 0xffffff8028dfcc80 (kernel.development`vnode_pager_deallocate at bsd_vm.c:663)
memory_object_init = 0xffffff8028dfccf0 (kernel.development`vnode_pager_init at bsd_vm.c:402)
memory_object_terminate = 0xffffff8028dfcd90 (kernel.development`vnode_pager_terminate at bsd_vm.c:688)
memory_object_data_request = 0xffffff8028dfcda0 (kernel.development`vnode_pager_data_request at bsd_vm.c:620)
memory_object_data_return = 0xffffff8028dfce70 (kernel.development`vnode_pager_data_return at bsd_vm.c:449)
memory_object_data_initialize = 0xffffff8028dfcef0 (kernel.development`vnode_pager_data_initialize at bsd_vm.c:464)
memory_object_data_unlock = 0xffffff8028dfcf10 (kernel.development`vnode_pager_data_unlock at bsd_vm.c:475)
memory_object_synchronize = 0xffffff8028dfcf20 (kernel.development`vnode_pager_synchronize at bsd_vm.c:703)
memory_object_map = 0xffffff8028dfcf40 (kernel.development`vnode_pager_map at bsd_vm.c:715)
memory_object_last_unmap = 0xffffff8028dfcf90 (kernel.development`vnode_pager_last_unmap at bsd_vm.c:738)
memory_object_data_reclaim = 0x0000000000000000
memory_object_pager_name = 0xffffff8029515488 "vnode pager"
}
(lldb) p *((memory_object_t)0xffffff8035f3b8c0)->mo_control
(memory_object_control) $53 = {
moc_ikot = 32
moc_object = 0xffffff8035fa4300
}
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, system-ui, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
This is a <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">vnode_pager</code> object: its <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">mo_pager_ops</code> point to the <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">vnode_pager_*</code> routines in <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">bsd_vm.c</code> and the pager name is "vnode pager". Now we cast the pager to the <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">vnode_pager</code> type.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: 1.45; margin-bottom: 16px; overflow-wrap: normal; overflow: auto; padding: 16px;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow-wrap: normal; overflow: visible; padding: 0px; word-break: normal;">(lldb) p *(vnode_pager*)0xffffff8035f3b8c0
(vnode_pager) $55 = {
vn_pgr_hdr = {
mo_ikot = 11
mo_pager_ops = 0xffffff80298cae70
mo_control = 0xffffff80359d65a0
}
ref_count = 1
vnode_handle = 0xffffff8035f112e8
}
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, system-ui, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
Then print the vnode path.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: 1.45; margin-bottom: 16px; overflow-wrap: normal; overflow: auto; padding: 16px;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow-wrap: normal; overflow: visible; padding: 0px; word-break: normal;">(lldb) showvnodepath 0xffffff8035f112e8
/private/var/db/dyld/dyld_shared_cache_x86_64
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, system-ui, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px;">
As expected, this is actually the vnode of the prelinked shared libraries cache file rather than of <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">/usr/lib/libSystem.B.dylib</code> itself.</div>
</div>
A list of default macOS MAC policies (Slava Imameev, 2018-01-14)<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, system-ui, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
A list of the default macOS MAC policies, read from <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0.4em;">mac_policy_list</code> in the kernel debugger:</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: 1.45; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(lldb) p mac_policy_list.entries[0].mpc
(mac_policy_conf *) $90 = 0xffffff7f823db4b8
(lldb) p *mac_policy_list.entries[0].mpc
(mac_policy_conf) $91 = {
mpc_name = 0xffffff7f823d7f13 "AMFI"
mpc_fullname = 0xffffff7f823d7f18 "Apple Mobile File Integrity"
mpc_labelnames = 0xffffff7f823da6d0
mpc_labelname_count = 1
mpc_ops = 0xffffff7f823daa40
mpc_loadtime_flags = 0
mpc_field_off = 0xffffff7f823da9a0
mpc_runtime_flags = 1
mpc_list = 0x0000000000000000
mpc_data = 0x0000000000000000
}
(lldb) p *mac_policy_list.entries[1].mpc
(mac_policy_conf) $92 = {
mpc_name = 0xffffff7f82bda2fd "Sandbox"
mpc_fullname = 0xffffff7f82bda53a "Seatbelt sandbox policy"
mpc_labelnames = 0xffffff7f82be0110
mpc_labelname_count = 1
mpc_ops = 0xffffff7f82be0118
mpc_loadtime_flags = 0
mpc_field_off = 0xffffff7f82be1378
mpc_runtime_flags = 1
mpc_list = 0x0000000000000000
mpc_data = 0x0000000000000000
}
(lldb) p *mac_policy_list.entries[2].mpc
(mac_policy_conf) $93 = {
mpc_name = 0xffffff7f83d73fd4 "TMSafetyNet"
mpc_fullname = 0xffffff7f83d73fe0 "Safety net for Time Machine"
mpc_labelnames = 0xffffff7f83d74060
mpc_labelname_count = 1
mpc_ops = 0xffffff7f83d74068
mpc_loadtime_flags = 2
mpc_field_off = 0xffffff7f83d74be8
mpc_runtime_flags = 1
mpc_list = 0x0000000000000000
mpc_data = 0x0000000000000000
}
(lldb) p *mac_policy_list.entries[3].mpc
(mac_policy_conf) $94 = {
mpc_name = 0xffffff7f84159c06 "Quarantine"
mpc_fullname = 0xffffff7f84159c7c "Quarantine policy"
mpc_labelnames = 0xffffff7f8415a160
mpc_labelname_count = 1
mpc_ops = 0xffffff7f8415a168
mpc_loadtime_flags = 0
mpc_field_off = 0xffffff7f8415acfc
mpc_runtime_flags = 1
mpc_list = 0x0000000000000000
mpc_data = 0x0000000000000000
}</code></pre>
</div>
Linux kernel debugging with GDB: getting a task running on a CPU (Slava Imameev, 2017-09-25)<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">current</code> task is saved in per-CPU space on x86-64 and is accessed through the <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">gs</code> register at the <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">current_task</code> offset, as in</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">mov %gs:0xd440,%rdx</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The per-CPU base that <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">gs</code> points to on a given CPU is recorded in <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">__per_cpu_offset[cpu]</code>, so from GDB the same pointer is reached by adding the variable's offset, <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">&current_task</code>, to that base and dereferencing the result. The session below does this for CPU 0 (running a <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">bash</code> shell, pid 243) and CPU 2 (running <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">systemd</code>, pid 1) and cross-checks the task pointers against the <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">lx-ps</code> listing.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: 1.45; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) p/x &current_task
$63 = 0xd440
(gdb) p/x __per_cpu_offset[0]
$64 = 0xffff88001fc00000
(gdb) x/gx 0xffff88001fc00000+0xd440
0xffff88001fc0d440: 0xffff88001dea6a00
(gdb) p/d ((struct task_struct*)0xffff88001dea6a00)->pid
$67 = 243
(gdb) p/x ((struct task_struct*)0xffff88001dea6a00)->mm
$69 = 0xffff88001d1bc800
(gdb) p/x ((struct task_struct*)0xffff88001dea6a00)->active_mm
$70 = 0xffff88001d1bc800
(gdb) p/x __per_cpu_offset[2]
$73 = 0xffff88001fd00000
(gdb) x/gx 0xffff88001fd00000+0xd440
0xffff88001fd0d440: 0xffff88001f240000
(gdb) p/x ((struct task_struct*)0xffff88001f240000)->pid
$74 = 0x1
(gdb) lx-ps
0xffffffff81e104c0 <init_task> 0 swapper/0
0xffff88001f240000 1 systemd
0xffff88001f240d40 2 kthreadd
0xffff88001f2427c0 4 kworker/0:0H
0xffff88001f244240 6 mm_percpu_wq
0xffff88001f244f80 7 ksoftirqd/0
0xffff88001f245cc0 8 rcu_sched
0xffff88001f246a00 9 rcu_bh
0xffff88001f298000 10 migration/0
0xffff88001f298d40 11 watchdog/0
0xffff88001f29c240 12 cpuhp/0
0xffff88001f29cf80 13 cpuhp/1
0xffff88001f29dcc0 14 watchdog/1
0xffff88001f29ea00 15 migration/1
0xffff88001f2c8000 16 ksoftirqd/1
0xffff88001f2c9a80 18 kworker/1:0H
0xffff88001f2ca7c0 19 cpuhp/2
0xffff88001f2cb500 20 watchdog/2
0xffff88001f2cc240 21 migration/2
0xffff88001f2ccf80 22 ksoftirqd/2
0xffff88001f2cea00 24 kworker/2:0H
0xffff88001f310000 25 cpuhp/3
0xffff88001f310d40 26 watchdog/3
0xffff88001f311a80 27 migration/3
0xffff88001f3127c0 28 ksoftirqd/3
0xffff88001f314240 30 kworker/3:0H
0xffff88001f314f80 31 kdevtmpfs
0xffff88001f315cc0 32 netns
0xffff88001dc28000 34 khungtaskd
0xffff88001dc28d40 35 oom_reaper
0xffff88001dc29a80 36 writeback
0xffff88001dc2a7c0 37 kcompactd0
0xffff88001dc2b500 38 ksmd
0xffff88001dc2c240 39 crypto
0xffff88001dc2cf80 40 kintegrityd
0xffff88001dc2dcc0 41 bioset
0xffff88001dc2ea00 42 kblockd
0xffff88001dcd8000 43 ata_sff
0xffff88001dcd8d40 44 md
0xffff88001dcd9a80 45 edac-poller
0xffff88001dcda7c0 46 devfreq_wq
0xffff88001dcdb500 47 watchdogd
0xffff88001dcdc240 48 kworker/1:1
0xffff88001dcdcf80 49 kworker/2:1
0xffff88001dcddcc0 50 kworker/3:1
0xffff88001ddf8000 52 kauditd
0xffff88001ddf8d40 53 kswapd0
0xffff88001ddf9a80 54 bioset
0xffff88001ddfa7c0 55 ecryptfs-kthrea
0xffff88001dff0d40 72 kthrotld
0xffff88001dff1a80 73 acpi_thermal_pm
0xffff88001dff27c0 74 bioset
0xffff88001dff3500 75 bioset
0xffff88001dff4240 76 bioset
0xffff88001dff4f80 77 bioset
0xffff88001dff5cc0 78 bioset
0xffff88001dff6a00 79 bioset
0xffff88001dff0000 80 bioset
0xffff88001d660000 81 bioset
0xffff88001d660d40 82 scsi_eh_0
0xffff88001d661a80 83 scsi_tmf_0
0xffff88001d6627c0 84 scsi_eh_1
0xffff88001d663500 85 scsi_tmf_1
0xffff88001d718d40 91 ipv6_addrconf
0xffff88001d71dcc0 104 charger_manager
0xffff88001d71a7c0 105 bioset
0xffff88001d71ea00 106 bioset
0xffff88001d71c240 107 bioset
0xffff88001d719a80 110 jbd2/sda-8
0xffff88001d718000 111 ext4-rsv-conver
0xffff88001ddfdcc0 123 kworker/1:1H
0xffff88001ddfcf80 124 kworker/2:1H
0xffff88001ddfc240 127 kworker/0:1H
0xffff88001f350d40 135 kworker/3:2
0xffff88001dea4240 137 kworker/1:2
0xffff88001d0b0d40 140 systemd-journal
0xffff88001dea27c0 142 kworker/2:2
0xffff88001dea0d40 146 kworker/0:3
0xffff88001ded6a00 153 systemd-udevd
0xffff88001dea0000 156 kworker/3:1H
0xffff88001dea5cc0 227 cron
0xffff88001dea1a80 229 rsyslogd
0xffff88001ded0d40 235 in:imuxsock
0xffff88001ded0000 236 in:imklog
0xffff88001ded27c0 237 rs:main Q:Reg
0xffff88001ded1a80 233 agetty
0xffff88001c5d8d40 234 login
0xffff88001dea6a00 243 bash
0xffff88001dea3500 248 kworker/u8:2
0xffff88001c5d9a80 251 kworker/0:1
0xffff88001c5dc240 445 kworker/u8:1
0xffff88001c5ddcc0 452 kworker/u8:0</code></pre>
</div>
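<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The by-hand lookup above, packaged as GDB user-defined commands that resolve the running task for one CPU or for every possible CPU. This is an added example, not code from the original post or from the kernel's <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">scripts/gdb</code> package. It assumes an x86-64 vmlinux with debug info loaded and the kernel symbols <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">__per_cpu_offset</code>, <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">current_task</code> and <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">nr_cpu_ids</code>; the command names <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">lx-current-on</code> and <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">lx-current-all</code> are my own.</div>

```gdb
# Added example (not from the original post or the kernel tree).
# Resolves the task running on a CPU the way the transcript does by hand:
# read the per-CPU variable current_task at __per_cpu_offset[cpu] + &current_task.
# Assumes an x86-64 Linux kernel (4.x era) with vmlinux debug info loaded.
# The offset of current_task (0xd440 in the transcript) is build specific,
# which is why it is read from the symbol instead of being hardcoded.

define lx-current-on
  # usage: lx-current-on <cpu>
  set $cpu = (int)$arg0
  # base of this CPU's per-CPU area, i.e. what %gs points to on that CPU
  set $base = (unsigned long)__per_cpu_offset[$cpu]
  # &current_task evaluates to the variable's offset inside the per-CPU area
  set $task = *(struct task_struct **)($base + (unsigned long)&current_task)
  printf "cpu %d: task 0x%lx pid %d comm %s mm 0x%lx active_mm 0x%lx\n", $cpu, (unsigned long)$task, $task->pid, $task->comm, (unsigned long)$task->mm, (unsigned long)$task->active_mm
end
document lx-current-on
Print the task_struct currently running on the given CPU (x86-64, per-CPU current_task).
end

define lx-current-all
  # usage: lx-current-all   (walks every possible CPU id)
  set $i = 0
  while $i < nr_cpu_ids
    lx-current-on $i
    set $i = $i + 1
  end
end
document lx-current-all
Print the current task of every possible CPU.
end
```

<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
Sourced into the session above, <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">lx-current-on 2</code> should report the same pointer the transcript found by hand, and any pointer it prints can be checked against <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">lx-ps</code> exactly as the post does. A kernel thread that never ran user code has a NULL <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">mm</code> and borrows <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">active_mm</code>, which is why both are printed. Two caveats: the kernel's own GDB helpers (the package that provides <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">lx-ps</code>) already ship <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">$lx_current()</code> and a <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">$lx_per_cpu</code> function whose argument convention has changed between kernel versions, so check <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">scripts/gdb/linux/cpus.py</code> in the tree being debugged; and on x86 kernels from 6.2 onward the variable was moved into <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">pcpu_hot.current_task</code>, so the symbol in the command has to be adjusted there.</div>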
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-61443459626282222152017-08-13T11:13:00.003-07:002017-08-13T11:27:54.275-07:00Unwinding a kernel mode stack for exception in Linux.<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
GDB generally cannot unwind a kernel call stack across an exception frame: the unwinding stops at the exception entry code, and everything it reports beyond that point is garbage. For example</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) bt
#0 delay_tsc (__loops=5241148) at ../arch/x86/lib/delay.c:78
#1 0xffffffff8134b532 in __delay (loops=<optimised out>) at ../arch/x86/lib/delay.c:160
#2 __const_udelay (xloops=<optimised out>) at ../arch/x86/lib/delay.c:174
#3 0xffffffff81132620 in panic (fmt=<optimised out>) at ../kernel/panic.c:297
#4 0xffffffff8101f080 in oops_end (flags=70, regs=0xffffc90000227c18, signr=9) at ../arch/x86/kernel/dumpstack.c:235
#5 0xffffffff8104d1c7 in no_context (regs=0xffffc90000227c18, error_code=0, address=8, signal=<optimised out>, si_code=<optimised out>) at ../arch/x86/mm/fault.c:867
#6 0xffffffff8104d456 in __bad_area_nosemaphore (regs=0xffffc90000227c18, error_code=0, address=8, vma=<optimised out>, si_code=196609) at ../arch/x86/mm/fault.c:953
#7 0xffffffff8104d59f in bad_area_nosemaphore (regs=<optimised out>, error_code=<optimised out>, address=<optimised out>, vma=<optimised out>) at ../arch/x86/mm/fault.c:960
#8 0xffffffff8104d8e7 in __do_page_fault (regs=0xffffc90000227c18, error_code=0, address=8) at ../arch/x86/mm/fault.c:1387
#9 0xffffffff8104dccc in do_page_fault (regs=<optimised out>, error_code=<optimised out>) at ../arch/x86/mm/fault.c:1508
#10 0xffffffff8193ecd2 in page_fault () at ../arch/x86/entry/entry_64.S:1005
#11 0xffff88001decdb40 in ?? ()
#12 0xffff88001c02ae48 in ?? ()
#13 0xffffc90000227d98 in ?? ()
#14 0xffff88001d733000 in ?? ()
#15 0xffffc90000227cf0 in ?? ()
#16 0xffff88001d733000 in ?? ()
#17 0xffff88001cd02510 in ?? ()
#18 0xffffc90000227e18 in ?? ()
#19 0x0000000000000000 in ?? ()
</code></pre>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
Linux saves the interrupted thread's context in <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">struct pt_regs</code>, and a pointer to this structure is passed to the exception handling routine. The bogus frames #11 to #19 above are in fact the saved <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">r15</code>, <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">r14</code>, <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">r13</code>, <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">r12</code>, <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">bp</code>, <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">bx</code>, <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">r11</code>, <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">r10</code> and <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">r9</code> slots of that structure, which GDB misreads as return addresses. Loading the register values from it into GDB lets the debugger produce the call stack at the moment of the exception. First select a frame that has a valid <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">regs</code> pointer.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) f 8
#8 0xffffffff8104d8e7 in __do_page_fault (regs=0xffffc90000227c18, error_code=0, address=8) at ../arch/x86/mm/fault.c:1387
1387 bad_area_nosemaphore(regs, error_code, address, NULL);
</code></pre>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
With a valid <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">regs</code> pointer in hand, dump the structure and set the registers from it.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) p/x *regs
$2 = {r15 = 0xffff88001decdb40, r14 = 0xffff88001c02ae48, r13 = 0xffffc90000227d98, r12 = 0xffff88001d733000, bp = 0xffffc90000227cf0, bx = 0xffff88001d733000, r11 = 0xffff88001cd02510,
r10 = 0xffffc90000227e18, r9 = 0x0, r8 = 0xffff88001fc9d180, ax = 0x0, cx = 0x0, dx = 0x1000, si = 0xffff88001d733000, di = 0xffffc90000227d00, orig_ax = 0xffffffffffffffff, ip = 0xffffffff811aa30c,
cs = 0x10, flags = 0x246, sp = 0xffffc90000227cc8, ss = 0x18}
(gdb) set $rsp=0xffffc90000227cc8
(gdb) set $rip=0xffffffff811aa30c
(gdb) set $rbp=0xffffc90000227cf0
(gdb) set $rbx=0xffff88001d733000
(gdb) set $r15=0xffff88001decdb40
(gdb) set $r14=0xffff88001c02ae48
(gdb) set $r13=0xffffc90000227d98
(gdb) set $r12=0xffff88001d733000
(gdb) set $r11=0xffff88001cd02510
(gdb) set $r10=0xffffc90000227e18
(gdb) set $r9=0
(gdb) set $rsi=0xffff88001d733000
(gdb) set $rdi=0xffffc90000227d00
</code></pre>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
Now the call stack at the moment of the exception can be examined: the fault at address 8 was taken in <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">d_path</code>, reached from the <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">redirfs</code> filter's release callback during <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">__fput</code> on process exit.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) bt
#0 __read_once_size (size=<optimised out>, res=<optimised out>, p=<optimised out>) at ../include/linux/compiler.h:254
#1 __read_seqcount_begin (s=<optimised out>) at ../include/linux/seqlock.h:112
#2 raw_read_seqcount_begin (s=<optimised out>) at ../include/linux/seqlock.h:147
#3 read_seqcount_begin (s=<optimised out>) at ../include/linux/seqlock.h:164
#4 get_fs_root_rcu (root=<optimised out>, fs=<optimised out>) at ../fs/dcache.c:3222
#5 d_path (path=0xffffc90000227d00, buf=0xffff88001d733000 "", buflen=4096) at ../fs/dcache.c:3265
#6 0xffffffffc0000076 in redirfs_get_filename ()
#7 0xffffffffc0014121 in dummyflt_release (context=<optimised out>, args=0xffffc90000227d98) at /work/redirfs/src/dummyflt/dummyflt.c:104
#8 0xffffffffc000892e in rfs_precall_flts ()
#9 0xffffffffc0002a42 in rfs_release ()
#10 0xffffffff81193a7a in __fput (file=0xffff88001cd02500) at ../fs/file_table.c:209
#11 0xffffffff81193bb9 in ____fput (work=<optimised out>) at ../fs/file_table.c:245
#12 0xffffffff810758b9 in task_work_run () at ../kernel/task_work.c:116
#13 0xffffffff8105da35 in exit_task_work (task=<optimised out>) at ../include/linux/task_work.h:21
#14 do_exit (code=<optimised out>) at ../kernel/exit.c:878
#15 0xffffffff8105f14e in do_group_exit (exit_code=0) at ../kernel/exit.c:982
#16 0xffffffff8105f1bf in SYSC_exit_group (error_code=<optimised out>) at ../kernel/exit.c:993
#17 SyS_exit_group (error_code=<optimised out>) at ../kernel/exit.c:991
#18 0xffffffff8193d060 in entry_SYSCALL_64 () at ../arch/x86/entry/entry_64.S:203
#19 0x0000000000000000 in ?? ()
</code></pre>
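<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
The register-loading step above, packaged as a pair of GDB user-defined commands with a save/restore of the registers the unwinder relies on and a sanity check on the saved code segment. This is an added example, not code from the original post or from the kernel tree. It assumes an x86-64 Linux target whose registers GDB is allowed to write (a QEMU gdbstub or kgdb session, not a core dump, where <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">set $reg</code> fails), and the command names <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">lx-switch-to-regs</code> and <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">lx-restore-regs</code> are my own.</div>

```gdb
# Added example (not from the original post or the kernel tree).
# Switch GDB's register view to the context saved in a struct pt_regs so
# that `bt` unwinds the stack at the moment of the exception, and switch back.
# Assumes an x86-64 Linux target whose registers GDB can write (QEMU gdbstub
# or kgdb); on a core dump the `set $reg` writes are rejected.

define lx-switch-to-regs
  # usage: lx-switch-to-regs <struct pt_regs *>   (e.g. `f 8` then `lx-switch-to-regs regs`)
  set $pt = (struct pt_regs *)$arg0
  # __KERNEL_CS is 0x10; anything else means the interrupted context is not
  # kernel code (0x33 is __USER_CS) and the unwind would start in user space
  if $pt->cs != 0x10
    printf "warning: saved cs=0x%lx is not __KERNEL_CS, interrupted context is not kernel code\n", $pt->cs
  end
  # keep the handler's context so lx-restore-regs can undo the switch
  set $saved_rip = $rip
  set $saved_rsp = $rsp
  set $saved_rbp = $rbp
  set $saved_rbx = $rbx
  set $saved_r12 = $r12
  set $saved_r13 = $r13
  set $saved_r14 = $r14
  set $saved_r15 = $r15
  # program counter and stack pointer drive the unwinder
  set $rip = $pt->ip
  set $rsp = $pt->sp
  # callee-saved registers are what the DWARF unwinder recovers frame by frame
  set $rbp = $pt->bp
  set $rbx = $pt->bx
  set $r12 = $pt->r12
  set $r13 = $pt->r13
  set $r14 = $pt->r14
  set $r15 = $pt->r15
  # caller-saved registers, for inspecting arguments of the faulting function
  set $rax = $pt->ax
  set $rcx = $pt->cx
  set $rdx = $pt->dx
  set $rsi = $pt->si
  set $rdi = $pt->di
  set $r8 = $pt->r8
  set $r9 = $pt->r9
  set $r10 = $pt->r10
  set $r11 = $pt->r11
  printf "switched to pt_regs at 0x%lx: ip=0x%lx sp=0x%lx\n", (unsigned long)$pt, $pt->ip, $pt->sp
end
document lx-switch-to-regs
Load rip, rsp and the general-purpose registers from a struct pt_regs so bt shows the interrupted stack.
end

define lx-restore-regs
  # usage: lx-restore-regs   (after lx-switch-to-regs)
  set $rip = $saved_rip
  set $rsp = $saved_rsp
  set $rbp = $saved_rbp
  set $rbx = $saved_rbx
  set $r12 = $saved_r12
  set $r13 = $saved_r13
  set $r14 = $saved_r14
  set $r15 = $saved_r15
  printf "restored handler context: ip=0x%lx sp=0x%lx\n", (unsigned long)$rip, (unsigned long)$rsp
end
document lx-restore-regs
Undo lx-switch-to-regs by restoring the saved rip, rsp and callee-saved registers.
end
```

<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
In the session above, <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">f 8</code> followed by <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">lx-switch-to-regs regs</code> and <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">bt</code> yields the second stack, and <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">lx-restore-regs</code> puts the debugger back on the fault handler's context. The writes go to the target's real register state, not to a GDB-side copy, so restore before issuing <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">continue</code>. The segment and flags registers are deliberately left alone since the unwinder does not need them.</div>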
<div>
<code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"><br /></code></div>
</div>
</div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-52250771500486284922017-07-29T03:59:00.000-07:002017-07-31T23:31:43.835-07:00Windows developers' misconception about UNIX.<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
While reading the <a href="http://www.osronline.com/" target="_blank">osronline.com</a> forum on Windows file system development I ran into a common misconception among Windows developers regarding UNIX design: <a href="http://osronline.com/cf.cfm?PageURL=showThread.CFM?link=285260" target="_blank">http://osronline.com/cf.cfm?PageURL=showThread.CFM?link=285260</a></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"><QUOTE>
The essential difference between how the NT kernel works and how Unix was
designed is that NT caches streams of data (above the file system), whereas
on Unix data is cached at the block layer.
</QUOTE>
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
It took me five minutes to bust it.</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
This was true only for ancient *NIX kernels. Modern UNIX-like kernels cache file data the same way NT does: the cache is backed by file mapping structures, not by the block layer.</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
For example, below is a call stack from my test machine running Linux 4.12.2. While processing a <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">read()</code> system call, the ext4 read operation (<code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">ext4_file_read_iter</code>) called the Linux counterpart of the NT cache manager (<code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">do_generic_file_read</code> -> <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">page_cache_sync_readahead</code>) to bring data into the page cache, which is backed by the file's mapping structure (<code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">struct address_space</code>).</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The page cache then called back into the file system through <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">mapping->a_ops->readpages</code>, i.e. <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">ext4_readpages</code>, to fill the pages. This is the analogue of a cached read in NT, where the cache manager re-enters the file system with a non-cached paging read. Mac OS X uses the same mapping-based caching technique, inherited from BSD.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) bt
#0 ext4_readpages (file=0xffff88001d59b300, mapping=0xffff88001d1d56c0, pages=0xffffc90000817c30, nr_pages=1) at ../fs/ext4/inode.c:3308
#1 0xffffffff811b6288 in read_pages (gfp=<optimised out>, nr_pages=<optimised out>, pages=<optimised out>, filp=<optimised out>, mapping=<optimised out>) at ../mm/readahead.c:121
#2 __do_page_cache_readahead (mapping=<optimised out>, filp=<optimised out>, offset=1, nr_to_read=<optimised out>, lookahead_size=<optimised out>) at ../mm/readahead.c:199
#3 0xffffffff811b64b8 in ra_submit (ra=<optimised out>, ra=<optimised out>, ra=<optimised out>, filp=<optimised out>, mapping=<optimised out>) at ../mm/internal.h:66
#4 ondemand_readahead (mapping=0xffff88001d1d56c0, ra=0xffff88001d59b398, filp=0xffff88001d59b300, hit_readahead_marker=<optimised out>, offset=0, req_size=<optimised out>) at ../mm/readahead.c:478
#5 0xffffffff811b678e in page_cache_sync_readahead (mapping=<optimised out>, ra=<optimised out>, filp=<optimised out>, offset=<optimised out>, req_size=<optimised out>) at ../mm/readahead.c:510
#6 0xffffffff811a7a62 in do_generic_file_read (written=<optimised out>, iter=<optimised out>, ppos=<optimised out>, filp=<optimised out>) at ../mm/filemap.c:1813
#7 generic_file_read_iter (iocb=0x20000, iter=<optimised out>) at ../mm/filemap.c:2069
#8 0xffffffff812d1386 in ext4_file_read_iter (iocb=0xffff88001d59b300, to=0xffff88001d1d56c0) at ../fs/ext4/file.c:70
#9 0xffffffff81237680 in call_read_iter (file=<optimised out>, iter=<optimised out>, kio=<optimised out>) at ../include/linux/fs.h:1728
#10 new_sync_read (ppos=<optimised out>, len=<optimised out>, buf=<optimised out>, filp=<optimised out>) at ../fs/read_write.c:440
#11 __vfs_read (file=0xffff88001d59b300, buf=<optimised out>, count=<optimised out>, pos=0xffffc90000817f18) at ../fs/read_write.c:452
#12 0xffffffff81237cc3 in vfs_read (file=0xffff88001d59b300, buf=0x7fb92a0cb000 <error: Cannot access memory at address 0x7fb92a0cb000>, count=<optimised out>, pos=0xffffc90000817f18)
at ../fs/read_write.c:473
#13 0xffffffff81239385 in SYSC_read (count=<optimised out>, buf=<optimised out>, fd=<optimised out>) at ../fs/read_write.c:589
#14 SyS_read (fd=<optimised out>, buf=140433251151872, count=131072) at ../fs/read_write.c:582
#15 0xffffffff818aaffb in entry_SYSCALL_64 () at ../arch/x86/entry/entry_64.S:203
</code></pre>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) f 4
#4 ondemand_readahead (mapping=0xffff88001d1d56c0, ra=0xffff88001d59b398, filp=0xffff88001d59b300, hit_readahead_marker=<optimised out>, offset=0, req_size=<optimised out>) at ../mm/readahead.c:478
478 return ra_submit(ra, mapping, filp);
(gdb) p/x *mapping
$14 = {host = 0xffff88001d1d5548, page_tree = {gfp_mask = 0x1180020, rnode = 0x0}, tree_lock = {{rlock = {raw_lock = {val = {counter = 0x0}}}}}, i_mmap_writable = {counter = 0x0}, i_mmap = {
rb_node = 0x0}, i_mmap_rwsem = {count = {counter = 0x0}, wait_list = {next = 0xffff88001d1d56f0, prev = 0xffff88001d1d56f0}, wait_lock = {raw_lock = {val = {counter = 0x0}}}, osq = {tail = {
counter = 0x0}}, owner = 0x0}, nrpages = 0x0, nrexceptional = 0x0, writeback_index = 0x0, a_ops = 0xffffffff81a3a680, flags = 0x0, private_lock = {{rlock = {raw_lock = {val = {
counter = 0x0}}}}}, gfp_mask = 0x14200ca, private_list = {next = 0xffff88001d1d5740, prev = 0xffff88001d1d5740}, private_data = 0x0}
(gdb) ptype mapping
type = struct address_space {
struct inode *host;
struct radix_tree_root page_tree;
spinlock_t tree_lock;
atomic_t i_mmap_writable;
struct rb_root i_mmap;
struct rw_semaphore i_mmap_rwsem;
unsigned long nrpages;
unsigned long nrexceptional;
unsigned long writeback_index;
const struct address_space_operations *a_ops;
unsigned long flags;
spinlock_t private_lock;
gfp_t gfp_mask;
struct list_head private_list;
void *private_data;
} *
(gdb) f 1
#1 0xffffffff811b6288 in read_pages (gfp=<optimised out>, nr_pages=<optimised out>, pages=<optimised out>, filp=<optimised out>, mapping=<optimised out>) at ../mm/readahead.c:121
121 ret = mapping->a_ops->readpages(filp, mapping, pages, nr_pages);
(gdb) l
116 int ret;
117
118 blk_start_plug(&plug);
119
120 if (mapping->a_ops->readpages) {
121 ret = mapping->a_ops->readpages(filp, mapping, pages, nr_pages);
122 /* Clean up the remaining pages */
123 put_pages_list(pages);
124 goto out;
125 }
(gdb) f 9
#9 0xffffffff81237680 in call_read_iter (file=<optimised out>, iter=<optimised out>, kio=<optimised out>) at ../include/linux/fs.h:1728
1728 return file->f_op->read_iter(kio, iter);
(gdb) l
1723 } ____cacheline_aligned;
1724
1725 static inline ssize_t call_read_iter(struct file *file, struct kiocb *kio,
1726 struct iov_iter *iter)
1727 {
1728 return file->f_op->read_iter(kio, iter);
1729 }
1730
1731 static inline ssize_t call_write_iter(struct file *file, struct kiocb *kio,
1732 struct iov_iter *iter)
(gdb)
</code></pre>
<div>
<code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"><br /></code></div>
</div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-60013650280644269452017-07-03T08:26:00.000-07:002017-07-03T08:27:16.078-07:00FltCreateFile and top device.<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
<code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">FltCreateFile</code> calls <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">IoCreateFileEx</code> with <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">IO_DRIVER_CREATE_CONTEXT.DeviceObjectHint</code> pointing to the Filter Manager's device object for the volume. The I/O manager therefore delivers the create request to <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">FLTMGR!FltpCreate</code> on that device (frames 00 to 07 below), and the Filter Manager runs only the filters registered below the caller; this is what lets a minifilter such as the <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">avscan</code> sample open a file from its own pre-create callback without re-entering itself. The created file object records that device as its <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">TopDeviceObjectHint</code>, so subsequent I/O on the file object is also sent there rather than to the top of the volume's device stack. In the dump the file object's <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">DeviceObject</code> is the volume's real device (compare <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">RealDevice</code> in the <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">!vpb</code> output), while the hint is reached through <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">FileObjectExtension</code>: the pointer at offset 0x10 of the extension leads to a block whose first qword is the hint device, and <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">!devstack</code> confirms it is the <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">FltMgr</code> device sitting on top of <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">fastfat</code>.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> # Child-SP RetAddr Call Site
00 ffffe101`3fffebf8 fffff801`92125200 FLTMGR!FltpCreate
01 ffffe101`3fffec00 fffff801`9213058b nt!IopParseDevice+0x7f0
02 ffffe101`3fffedd0 fffff801`921340c0 nt!ObpLookupObjectName+0x46b
03 ffffe101`3fffefa0 fffff801`9213803a nt!ObOpenObjectByNameEx+0x1e0
04 ffffe101`3ffff0e0 fffff801`920b0eb4 nt!IopCreateFile+0x3aa
05 ffffe101`3ffff180 fffff808`485240d5 nt!IoCreateFileEx+0x124
06 ffffe101`3ffff210 fffff808`4853d32d FLTMGR!FltpCreateFile+0x1cd
07 ffffe101`3ffff310 fffff808`4b6a79f8 FLTMGR!FltCreateFile+0x8d
08 ffffe101`3ffff3a0 fffff808`484f4b4c avscan!AvPreCreate+0x378 [d:\work\avscan\filter\avscan.c @ 2106]
09 ffffe101`3ffff4b0 fffff808`484f46ec FLTMGR!FltpPerformPreCallbacks+0x2ec
0a ffffe101`3ffff5d0 fffff808`48526117 FLTMGR!FltpPassThroughInternal+0x8c
0b ffffe101`3ffff600 fffff801`92125200 FLTMGR!FltpCreate+0x2d7
0c ffffe101`3ffff6b0 fffff801`9213058b nt!IopParseDevice+0x7f0
0d ffffe101`3ffff880 fffff801`921340c0 nt!ObpLookupObjectName+0x46b
0e ffffe101`3ffffa50 fffff801`920c9e90 nt!ObOpenObjectByNameEx+0x1e0
0: kd> dt nt!_FILE_OBJECT ffff948c621a3330
+0x000 Type : 0n5
+0x002 Size : 0n216
+0x008 DeviceObject : 0xffff948c`60a3bc80 _DEVICE_OBJECT
+0x010 Vpb : 0xffff948c`60a556e0 _VPB
+0x018 FsContext : 0xffff948c`6111a740 Void
+0x020 FsContext2 : 0xffff8483`76cf78f0 Void
+0x028 SectionObjectPointer : (null)
+0x030 PrivateCacheMap : (null)
+0x038 FinalStatus : 0n0
+0x040 RelatedFileObject : (null)
+0x048 LockOperation : 0 ''
+0x049 DeletePending : 0 ''
+0x04a ReadAccess : 0x1 ''
+0x04b WriteAccess : 0 ''
+0x04c DeleteAccess : 0 ''
+0x04d SharedRead : 0x1 ''
+0x04e SharedWrite : 0x1 ''
+0x04f SharedDelete : 0x1 ''
+0x050 Flags : 0x40000
+0x058 FileName : _UNICODE_STRING "\"
+0x068 CurrentByteOffset : _LARGE_INTEGER 0x0
+0x070 Waiters : 0
+0x074 Busy : 0
+0x078 LastLock : (null)
+0x080 Lock : _KEVENT
+0x098 Event : _KEVENT
+0x0b0 CompletionContext : (null)
+0x0b8 IrpListLock : 0
+0x0c0 IrpList : _LIST_ENTRY [ 0xffff948c`621a33f0 - 0xffff948c`621a33f0 ]
+0x0d0 FileObjectExtension : 0xffff948c`6226f1b0 Void
0: kd> dq 0xffff948c`6226f1b0
ffff948c`6226f1b0 00000000`00000000 00000000`00000000
ffff948c`6226f1c0 ffff948c`60dff0d0 00000000`00000000
ffff948c`6226f1d0 ffff948c`6243f2c0 00000000`00000000
ffff948c`6226f1e0 00000000`00000000 00000000`00000000
ffff948c`6226f1f0 00000000`00000000 00000000`00000000
ffff948c`6226f200 61436d4d`02120006 00000000`0000034c
ffff948c`6226f210 ffff8483`7535ed10 ffff948c`62161e28
ffff948c`6226f220 ffff948c`6221da78 00000000`00000000
0: kd> dq ffff948c`60dff0d0
ffff948c`60dff0d0 ffff948c`610734a0 00000000`00000000
ffff948c`60dff0e0 00000000`00000000 00000000`00000000
ffff948c`60dff0f0 65536d4d`02060003 6c8da38a`069a7123
ffff948c`60dff100 00000000`00000000 0000024e`49c8000a
ffff948c`60dff110 0000024e`49c80fff 00000000`00000000
ffff948c`60dff120 00000000`00000000 00000000`00000000
ffff948c`60dff130 00000000`00000000 00000000`00000000
ffff948c`60dff140 00000000`00000002 00000000`00000000
0: kd> !object ffff948c`610734a0
Object: ffff948c610734a0 Type: (ffff948c5e34eb00) Device
ObjectHeader: ffff948c61073470 (new version)
HandleCount: 0 PointerCount: 1
0: kd> !devstack ffff948c610734a0
!DevObj !DrvObj !DevExt ObjectName
> ffff948c610734a0 \FileSystem\FltMgr ffff948c610735f0
ffff948c61048060 \FileSystem\fastfat ffff948c610481b0
0: kd> !vpb 0xffff948c`60a556e0
Vpb at 0xffff948c60a556e0
Flags: 0x1 mounted
DeviceObject: 0xffff948c61048060
RealDevice: 0xffff948c60a3bc80
RefCount: 8
Volume Label: </code></pre>
</div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-24476372679197871302017-06-27T05:41:00.002-07:002017-06-27T05:42:13.090-07:00C++ exceptions handling design.<div dir="ltr" style="text-align: left;" trbidi="on">
A very informative article on exception handling design and its implications for code optimization.<br />
<br />
<a href="https://www.usenix.org/legacy/events/osdi2000/wiess2000/full_papers/dinechin/dinechin_html/" target="_blank">C++ Exception Handling for IA-64</a><br />
<br /></div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-81150478196828437492017-06-25T10:06:00.003-07:002017-06-25T10:09:06.375-07:00Magenta RISC-V booting<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
Below is the boot output of the Magenta RISC-V port <a href="https://github.com/slavaim/riscv-magenta" target="_blank">riscv-magenta</a> running under QEMU.<br />
<br /></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">[1266874889.709] 00000.00000> Available physical memory: 2032dMB
[1266874889.709] 00000.00000>
welcome to lk/MP
[1266874889.709] 00000.00000> INIT: cpu 0, calling hook 0xffffffff8006e2d4 (global_prng_seed) at level 0x30000, flags 0x1
[1266874889.709] 00000.00000> WARNING: System has insufficient randomness. It is completely unsafe to use this system for any cryptographic applications.
[1266874889.709] 00000.00000> INIT: cpu 0, calling hook 0xffffffff800386b0 (elf_build_id) at level 0x3fffe, flags 0x1
[1266874889.709] 00000.00000> INIT: cpu 0, calling hook 0xffffffff800385f0 (version) at level 0x3ffff, flags 0x1
[1266874889.709] 00000.00000> version:
[1266874889.709] 00000.00000> arch: RISCV
[1266874889.709] 00000.00000> platform: RISCV_RV64
[1266874889.709] 00000.00000> target: QEMU_RISCV_RV64
[1266874889.709] 00000.00000> project: MAGENTA_QEMU_RISCV_RV64
[1266874889.709] 00000.00000> buildid: GIT_0FBB50D3A8FC1D242E1D7A2921674579C9192D66_DIRTY_LOCAL
[1266874889.709] 00000.00000> ELF build ID: be2909891fc4cce74084f5fa3f14d6e98903d3bb
[1266874889.709] 00000.00000> INIT: cpu 0, calling hook 0xffffffff80042f0c (vm_preheap) at level 0x3ffff, flags 0x1
[1266874889.709] 00000.00000> initializing heap
[1266874889.709] 00000.00000> INIT: cpu 0, calling hook 0xffffffff8004305c (vm) at level 0x50000, flags 0x1
[1266874889.709] 00000.00000> VM: reserving kernel region [ffffffff80000000, ffffffff800f7000) flags 0x28 name 'kernel_code'
[1266874889.709] 00000.00000> VM: reserving kernel region [ffffffff800f7000, ffffffff80139000) flags 0x8 name 'kernel_rodata'
[1266874889.709] 00000.00000> VM: reserving kernel region [ffffffff80139000, ffffffff8013c000) flags 0x18 name 'kernel_data'
[1266874889.709] 00000.00000> VM: reserving kernel region [ffffffff8013c000, ffffffff80166000) flags 0x18 name 'kernel_bss'
[1266874889.709] 00000.00000> VM: reserving kernel region [ffffffff8016a000, ffffffff8114b000) flags 0x18 name 'kernel_bootalloc'
[1266874889.709] 00000.00000> INIT: cpu 0, calling hook 0xffffffff8000197c (timer) at level 0x50003, flags 0x1
[00003.966] 00000.00000> initializing mp
[00003.966] 00000.00000> initializing threads
[00003.967] 00000.00000> initializing timers
[00003.967] 00000.00000> INIT: cpu 0, calling hook 0xffffffff800132d4 (debuglog) at level 0x6ffff, flags 0x1
[00003.970] 00000.00000> INIT: cpu 0, calling hook 0xffffffff8006e448 (global_prng_thread_safe) at level 0x6ffff, flags 0x1
[00003.971] 00000.00000> creating bootstrap completion thread
[00004.057] 00000.00000> top of bootstrap2()
[00004.058] 00000.00000> INIT: cpu 0, calling hook 0xffffffff80070c9c (dpc) at level 0x70000, flags 0x1
[00004.064] 00000.00000> INIT: cpu 0, calling hook 0xffffffff8009158c (magenta) at level 0x70000, flags 0x1
[00004.078] 00000.00000> initializing platform
[00004.078] 00000.00000> initializing target
[00004.078] 00000.00000> calling apps_init()
[00004.078] 00000.00000> INIT: cpu 0, calling hook 0xffffffff80014464 (ktrace) at level 0xaffff, flags 0x1
[00005.091] 00000.00000> ktrace: buffer at 0xffffffc000e01000 (33554432 bytes)
[00005.094] 00000.00000> INIT: cpu 0, calling hook 0xffffffff800384bc (userboot) at level 0xaffff, flags 0x1
[00005.161] 00000.00000> userboot: userboot rodata 0 @ [0x292f043000,0x292f045000)
[00005.163] 00000.00000> userboot: userboot code 0x2000 @ [0x292f045000,0x292f05a000)
[00005.165] 00000.00000> userboot: vdso/full rodata 0 @ [0x292f05a000,0x292f05f000)
[00005.167] 00000.00000> userboot: vdso/full code 0x5000 @ [0x292f05f000,0x292f061000)
[00005.193] 00000.00000> userboot: entry point @ 0x292f046da0
[00005.293] 00000.00000> starting app shell
] [00005.296] 00000.00000> entering main console loop
</code></pre>
</div>
Slava Imameev, 2017-06-19: RISC-V Magenta context switch<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The code related to RISC-V Magenta context switching can be found in <a href="https://github.com/slavaim/riscv-magenta/blob/riscv/kernel/arch/riscv/rv64/exception.S" target="_blank">exception.S</a> and <a href="https://github.com/slavaim/riscv-magenta/blob/riscv/kernel/arch/riscv/include/arch/riscv/switch_to.h" target="_blank">switch_to.h</a> files.</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
A CPU is switched to another thread by a call to</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">static inline void riscv_switch_to(struct riscv_thread_state * prev,
                                   struct riscv_thread_state * next)
{
    __switch_to_aux(prev, next);
    __switch_to(prev, next);
    assert(get_current());
}
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The registers are saved and restored from the <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">riscv_thread_state</code> structure.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">/*
 * Integer register context switch
 * The callee-saved registers must be saved and restored.
 *
 * a0: previous task_struct (must be preserved across the switch)
 * a1: next task_struct
 */
.section .text
FUNCTION(__switch_to)
    /*
     * $a0 == &prev->arch.state
     * $a1 == &next->arch.state
     */
    /* Save context into prev->arch.state */
    REG_S ra,  THREAD_RA(a0)
    REG_S sp,  THREAD_SP(a0)
    REG_S s0,  THREAD_S0(a0)
    REG_S s1,  THREAD_S1(a0)
    REG_S s2,  THREAD_S2(a0)
    REG_S s3,  THREAD_S3(a0)
    REG_S s4,  THREAD_S4(a0)
    REG_S s5,  THREAD_S5(a0)
    REG_S s6,  THREAD_S6(a0)
    REG_S s7,  THREAD_S7(a0)
    REG_S s8,  THREAD_S8(a0)
    REG_S s9,  THREAD_S9(a0)
    REG_S s10, THREAD_S10(a0)
    REG_S s11, THREAD_S11(a0)
    /* Restore context from next->arch.state */
    REG_L ra,  THREAD_RA(a1)
    REG_L sp,  THREAD_SP(a1)
    REG_L s0,  THREAD_S0(a1)
    REG_L s1,  THREAD_S1(a1)
    REG_L s2,  THREAD_S2(a1)
    REG_L s3,  THREAD_S3(a1)
    REG_L s4,  THREAD_S4(a1)
    REG_L s5,  THREAD_S5(a1)
    REG_L s6,  THREAD_S6(a1)
    REG_L s7,  THREAD_S7(a1)
    REG_L s8,  THREAD_S8(a1)
    REG_L s9,  THREAD_S9(a1)
    REG_L s10, THREAD_S10(a1)
    REG_L s11, THREAD_S11(a1)
    REG_L tp,  THREAD_TI(a1) /* Next thread_info pointer */
    /* return to $ra, the new $sp has been set */
    ret
END(__switch_to)
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The new thread's <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">$ra</code> points to the instruction that follows the call to <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">__switch_to</code> inside <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">riscv_switch_to</code>.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) p/x newthread->arch.state
$137 = {ra = 0xffffffff80002f3c, sp = 0xffffffff8114cc80, s = {0xffffffff8114ccb0, 0xffffffff800031c4, 0x1, 0xffffffff800347f8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, fstate = {f = {
0x0 <repeats 32 times>}, fcsr = 0x0}, ti = 0xffffffff8114ae80}
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">ret</code> instruction at the end of <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">__switch_to</code> resumes a thread at this address.</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The scheduled-out thread's state has <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">$ra</code> pointing to the same address.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) p/x oldthread->arch.state
$138 = {ra = 0xffffffff8000b3f8, sp = 0xffffffc002e04000, s = {0x0 <repeats 12 times>}, fstate = {f = {0x0 <repeats 32 times>}, fcsr = 0x0}, ti = 0xffffffff8116a9d8}
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The disassembled listing of <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">riscv_switch_to</code> is</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) disassem 0xffffffff80002f3c
Dump of assembler code for function riscv_switch_to:
0xffffffff80002f04 <+0>: addi sp,sp,-48
0xffffffff80002f08 <+4>: sd ra,40(sp)
0xffffffff80002f0c <+8>: sd s0,32(sp)
0xffffffff80002f10 <+12>: sd s1,24(sp)
0xffffffff80002f14 <+16>: addi s0,sp,48
0xffffffff80002f18 <+20>: mv s1,ra
0xffffffff80002f1c <+24>: sd a0,-40(s0)
0xffffffff80002f20 <+28>: sd a1,-48(s0)
0xffffffff80002f24 <+32>: ld a1,-48(s0)
0xffffffff80002f28 <+36>: ld a0,-40(s0)
0xffffffff80002f2c <+40>: jal ra,0xffffffff80002ee0 <__switch_to_aux>
0xffffffff80002f30 <+44>: ld a1,-48(s0)
0xffffffff80002f34 <+48>: ld a0,-40(s0)
0xffffffff80002f38 <+52>: jal ra,0xffffffff800003a8 <__switch_to>
0xffffffff80002f3c <+56>: jal ra,0xffffffff80002e70 <get_current>
0xffffffff80002f40 <+60>: mv a5,a0
0xffffffff80002f44 <+64>: seqz a5,a5
0xffffffff80002f48 <+68>: andi a5,a5,255
0xffffffff80002f4c <+72>: beqz a5,0xffffffff80002f78 <riscv_switch_to+116>
0xffffffff80002f50 <+76>: mv a0,s1
0xffffffff80002f54 <+80>: mv a1,s0
0xffffffff80002f58 <+84>: lui a5,0x800f2
0xffffffff80002f5c <+88>: addi a5,a5,1880 # 0xffffffff800f2758
0xffffffff80002f60 <+92>: li a4,34
0xffffffff80002f64 <+96>: lui a3,0x800f2
0xffffffff80002f68 <+100>: addi a3,a3,1896 # 0xffffffff800f2768
0xffffffff80002f6c <+104>: lui a2,0x800f2
0xffffffff80002f70 <+108>: addi a2,a2,1840 # 0xffffffff800f2730
0xffffffff80002f74 <+112>: jal ra,0xffffffff8006b9f0 <_panic>
0xffffffff80002f78 <+116>: nop
0xffffffff80002f7c <+120>: ld ra,40(sp)
0xffffffff80002f80 <+124>: ld s0,32(sp)
0xffffffff80002f84 <+128>: ld s1,24(sp)
0xffffffff80002f88 <+132>: addi sp,sp,48
0xffffffff80002f8c <+136>: ret
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px;">
As you can see, <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">0xffffffff80002f3c</code> is the address of the call to <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">get_current</code>, whose result is the argument of the <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">assert</code> check that follows the call to <code style="background-color: rgba(27, 31, 35, 0.05); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">__switch_to</code>.</div>
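As an added example (not code from the post or from riscv-magenta), the Python below checks the claim above mechanically: it pulls the saved <code>ra</code> out of a gdb <code>p/x ...->arch.state</code> line, maps it against a gdb disassembly listing, and reports where <code>__switch_to</code>'s <code>ret</code> resumes the thread and which <code>jal</code> produced that return address. The listing and state line embedded below are constructed from a subset of the post's own gdb output.

```python
"""Added example, not part of the post: resolve a saved $ra against a gdb
disassembly listing to see where __switch_to's `ret` resumes a thread."""
import re

# Constructed sample: three lines of the riscv_switch_to listing from the post.
DISASM = """\
Dump of assembler code for function riscv_switch_to:
0xffffffff80002f38 <+52>: jal ra,0xffffffff800003a8 <__switch_to>
0xffffffff80002f3c <+56>: jal ra,0xffffffff80002e70 <get_current>
0xffffffff80002f40 <+60>: mv a5,a0
"""
# Constructed sample: the `p/x newthread->arch.state` line from the post (shortened).
NEW_STATE = ("$137 = {ra = 0xffffffff80002f3c, sp = 0xffffffff8114cc80, "
             "s = {0xffffffff8114ccb0, 0xffffffff800031c4, 0x1}, ti = 0xffffffff8114ae80}")

FUNC_RE = re.compile(r"^Dump of assembler code for function (\w+):$")
INSN_RE = re.compile(r"^0x([0-9a-f]+)\s+<\+(\d+)>:\s+(.+?)\s*$")
RA_RE = re.compile(r"\bra = (0x[0-9a-f]+)")


def parse_disasm(text):
    """Map instruction address -> (function, offset, mnemonic and operands)."""
    table, func = {}, None
    for line in text.splitlines():
        m = FUNC_RE.match(line)
        if m:
            func = m.group(1)
            continue
        m = INSN_RE.match(line)
        if m and func:
            table[int(m.group(1), 16)] = (func, int(m.group(2)), m.group(3))
    return table


def saved_ra(state_line):
    """Extract the ra field from a gdb p/x dump of riscv_thread_state."""
    m = RA_RE.search(state_line)
    if not m:
        raise ValueError("no ra field in state line")
    return int(m.group(1), 16)


def resume_point(state_line, table):
    """Return (symbolic ra, instruction at ra, instruction that saved ra).

    `ret` in __switch_to jumps to ra, so the thread continues at table[ra];
    the jal that produced that ra is the preceding 4-byte instruction (the
    listing contains no compressed instructions)."""
    ra = saved_ra(state_line)
    if ra not in table:
        raise KeyError(f"ra {ra:#x} is not in the disassembly")
    func, off, insn = table[ra]
    caller = table.get(ra - 4)
    return f"{func}+{off}", insn, caller[2] if caller else None


if __name__ == "__main__":
    sym, insn, caller = resume_point(NEW_STATE, parse_disasm(DISASM))
    print(f"resumes at {sym}: {insn}")
    print(f"ra was saved by: {caller}")
```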
</div>
Slava Imameev, 2017-06-12: RISC-V Magenta. The init process.<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The init process address space initialisation, as a backtrace:</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">#2 0xffffffff80004690 in arch_mmu_init_aspace (aspace=0xffffffff81168310, base=16777216, size=274861125632, flags=0) at kernel/arch/riscv/mmu.cpp:73
#3 0xffffffff8004bb64 in VmAspace::Init (this=0xffffffff811681c0) at kernel/kernel/vm/vm_aspace.cpp:142
#4 0xffffffff8004bdb0 in VmAspace::Create (flags=0, name=0x0) at kernel/kernel/vm/vm_aspace.cpp:180
#5 0xffffffff8008f7e0 in ProcessDispatcher::Initialize (this=0xffffffff81167eb0) at kernel/lib/magenta/process_dispatcher.cpp:147
#6 0xffffffff8008ef30 in ProcessDispatcher::Create (job=..., name=..., flags=0, dispatcher=0xffffffff81146e48, rights=0xffffffff81146e3c, root_vmar_disp=0xffffffff81146e40,
root_vmar_rights=0xffffffff81146e38) at kernel/lib/magenta/process_dispatcher.cpp:73
#7 0xffffffff80032b84 in attempt_userboot () at kernel/lib/userboot/userboot.cpp:283
#8 0xffffffff800330ec in userboot_init (level=720895) at kernel/lib/userboot/userboot.cpp:357
#9 0xffffffff80005da8 in lk_init_level (required_flag=LK_INIT_FLAG_PRIMARY_CPU, start_level=655360, stop_level=720895) at kernel/top/init.c:86
#10 0xffffffff80005e4c in lk_primary_cpu_init_level (start_level=655360, stop_level=720895) at kernel/include/lk/init.h:51
#11 0xffffffff800060fc in bootstrap2 (arg=0x0) at kernel/top/main.c:136
#12 0xffffffff8000a78c in initial_thread_func () at kernel/kernel/thread.c:84
#13 0xffffffff8000a74c in init_thread_struct (t=0xffffffff81144be0, name=0x0) at kernel/kernel/thread.c:72
</code></pre>
</div>
Slava Imameev, 2017-06-08: Windows. Cache prefetching<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
00 nt!KiSwapContext<br />
01 nt!KiSwapThread<br />
02 nt!KiCommitThreadWait<br />
03 nt!KeWaitForSingleObject<br />
04 nt!MiWaitForInPageComplete<br />
05 nt!MiPfCompleteInPageSupport<br />
06 nt!MiPfCompletePrefetchIos<br />
07 nt!MmWaitForCacheManagerPrefetch<br />
08 nt!CcFetchDataForRead<br />
09 nt!CcMapAndCopyFromCache<br />
0a nt!CcCopyReadEx<br />
0b nt!CcCopyRead</div>
Slava Imameev, 2017-05-30: RISC-V GNU tool chain and relocation sections in shared and static libraries.<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The library code</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">const
unsigned char __clz_tab[] =
{
    0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,
    6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
    7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
    7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
    8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
    8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
    8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
    8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
};

long foo(long x)
{
    return __clz_tab[x % (sizeof(__clz_tab)/sizeof(__clz_tab[0]))];
}
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
Build the shared (*.so) and static (*.o) library.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">slava@slava-P34V2:/work/risc-v/musl-riscv/tmp$ riscv64-unknown-linux-gnu-gcc -shared -ffreestanding -nostdlib -fPIC -o relocation.so relocation.c
slava@slava-P34V2:/work/risc-v/musl-riscv/tmp$ riscv64-unknown-linux-gnu-gcc -c -ffreestanding -nostdlib -fPIC -o relocation.o relocation.c
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The shared library has a <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">.got</code> (Global Offset Table) section to reference the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">__clz_tab</code> array. The <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">.got</code> section is adjusted by the loader with the relocation data from the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">.rela.dyn</code> section.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">slava@slava-P34V2:/work/risc-v/musl-riscv/tmp$ riscv64-unknown-linux-gnu-objdump -hr relocation.so
relocation.so: file format elf64-littleriscv
Sections:
Idx Name Size VMA LMA File off Algn
0 .hash 00000030 00000000000000e8 00000000000000e8 000000e8 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
1 .dynsym 000000a8 0000000000000118 0000000000000118 00000118 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
2 .dynstr 00000027 00000000000001c0 00000000000001c0 000001c0 2**0
CONTENTS, ALLOC, LOAD, READONLY, DATA
3 .rela.dyn 00000018 00000000000001e8 00000000000001e8 000001e8 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
4 .text 00000038 0000000000000200 0000000000000200 00000200 2**2
CONTENTS, ALLOC, LOAD, READONLY, CODE
5 .rodata 00000100 0000000000000238 0000000000000238 00000238 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
6 .dynamic 000000e0 0000000000001338 0000000000001338 00000338 2**3
CONTENTS, ALLOC, LOAD, DATA
7 .got 00000020 0000000000001418 0000000000001418 00000418 2**3
CONTENTS, ALLOC, LOAD, DATA
8 .comment 00000011 0000000000000000 0000000000000000 00000438 2**0
CONTENTS, READONLY
slava@slava-P34V2:/work/risc-v/musl-riscv/tmp$ riscv64-unknown-linux-gnu-objdump --disassemble relocation.so
relocation.so: file format elf64-littleriscv
Disassembly of section .text:
0000000000000200 <foo>:
200: fe010113 addi sp,sp,-32
204: 00813c23 sd s0,24(sp)
208: 02010413 addi s0,sp,32
20c: fea43423 sd a0,-24(s0)
210: fe843783 ld a5,-24(s0)
214: 0ff7f793 andi a5,a5,255
218: 00001717 auipc a4,0x1
21c: 21873703 ld a4,536(a4) # 1430 <_GLOBAL_OFFSET_TABLE_+0x8>
220: 00f707b3 add a5,a4,a5
224: 0007c783 lbu a5,0(a5)
228: 00078513 mv a0,a5
22c: 01813403 ld s0,24(sp)
230: 02010113 addi sp,sp,32
234: 00008067 ret
slava@slava-P34V2:/work/risc-v/musl-riscv/tmp$ riscv64-unknown-linux-gnu-readelf -r relocation.so
Relocation section '.rela.dyn' at offset 0x1e8 contains 1 entries:
Offset Info Type Sym. Value Sym. Name + Addend
000000001430 000300000002 R_RISCV_64 0000000000000238 __clz_tab + 0
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The static library also has a <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">.got</code> (Global Offset Table) section to reference the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">__clz_tab</code> array. The <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">.got</code> section is adjusted by the loader with the relocation data from the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">.rela.dyn</code> section.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">slava@slava-P34V2:/work/risc-v/musl-riscv/tmp$ riscv64-unknown-linux-gnu-objdump -hr relocation.o
relocation.o: file format elf64-littleriscv
Sections:
Idx Name Size VMA LMA File off Algn
0 .text 00000038 0000000000000000 0000000000000000 00000040 2**2
CONTENTS, ALLOC, LOAD, RELOC, READONLY, CODE
1 .data 00000000 0000000000000000 0000000000000000 00000078 2**0
CONTENTS, ALLOC, LOAD, DATA
2 .bss 00000000 0000000000000000 0000000000000000 00000078 2**0
ALLOC
3 .rodata 00000100 0000000000000000 0000000000000000 00000078 2**3
CONTENTS, ALLOC, LOAD, READONLY, DATA
4 .comment 00000012 0000000000000000 0000000000000000 00000178 2**0
CONTENTS, READONLY
RELOCATION RECORDS FOR [.text]:
OFFSET TYPE VALUE
0000000000000018 R_RISCV_GOT_HI20 __clz_tab
000000000000001c R_RISCV_PCREL_LO12_I .L0
slava@slava-P34V2:/work/risc-v/musl-riscv/tmp$ riscv64-unknown-linux-gnu-objdump --disassemble relocation.o
relocation.o: file format elf64-littleriscv
Disassembly of section .text:
0000000000000000 <foo>:
0: fe010113 addi sp,sp,-32
4: 00813c23 sd s0,24(sp)
8: 02010413 addi s0,sp,32
c: fea43423 sd a0,-24(s0)
10: fe843783 ld a5,-24(s0)
14: 0ff7f793 andi a5,a5,255
0000000000000018 <.L0 >:
18: 00000717 auipc a4,0x0
1c: 00073703 ld a4,0(a4) # 18 <.L0 >
20: 00f707b3 add a5,a4,a5
24: 0007c783 lbu a5,0(a5)
28: 00078513 mv a0,a5
2c: 01813403 ld s0,24(sp)
30: 02010113 addi sp,sp,32
34: 00008067 ret
slava@slava-P34V2:/work/risc-v/musl-riscv/tmp$ riscv64-unknown-linux-gnu-readelf -r relocation.o
Relocation section '.rela.text' at offset 0x2a8 contains 2 entries:
Offset Info Type Sym. Value Sym. Name + Addend
000000000018 000800000014 R_RISCV_GOT_HI20 0000000000000000 __clz_tab + 0
00000000001c 000600000018 R_RISCV_PCREL_LO1 0000000000000018 .L0 + 0</code></pre>
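As an added example (not code from the post, the GNU toolchain or musl), the Python below follows the chain the listings above describe: it decodes the <code>auipc</code>/<code>ld</code> pair that <code>foo()</code> uses to fetch the address of <code>__clz_tab</code>, parses raw <code>Elf64_Rela</code> entries the way <code>readelf -r</code> does, and applies the <code>R_RISCV_64</code> relocation to the GOT image as the dynamic loader would. Instruction words, offsets, section addresses and the symbol value are copied from the objdump/readelf output above; the load base and the raw GOT and <code>.rela.dyn</code> bytes are constructed.

```python
"""Added example, not from the post: GOT slot computation and R_RISCV_64
relocation for the relocation.so / relocation.o listings."""
import struct

# RISC-V psABI relocation type numbers for the three types seen above.
R_RISCV_64 = 2
R_RISCV_GOT_HI20 = 20
R_RISCV_PCREL_LO12_I = 24
RELOC_NAMES = {R_RISCV_64: "R_RISCV_64", R_RISCV_GOT_HI20: "R_RISCV_GOT_HI20",
               R_RISCV_PCREL_LO12_I: "R_RISCV_PCREL_LO12_I"}
MASK64 = (1 << 64) - 1
RELA_FMT = "<QQq"  # Elf64_Rela: r_offset, r_info, r_addend (little-endian)


def sign_extend(value, bits):
    """Interpret the low `bits` bits of value as a two's complement number."""
    sign = 1 << (bits - 1)
    return (value & (sign - 1)) - (value & sign)


def decode_auipc(insn):
    """Return (rd, imm) for AUIPC; imm already carries its 12-bit shift."""
    if insn & 0x7F != 0x17:
        raise ValueError(f"{insn:#010x} is not AUIPC")
    return (insn >> 7) & 0x1F, sign_extend(insn & 0xFFFFF000, 32)


def decode_ld(insn):
    """Return (rd, rs1, imm) for LD (LOAD opcode, funct3 = 3)."""
    if insn & 0x7F != 0x03 or (insn >> 12) & 7 != 3:
        raise ValueError(f"{insn:#010x} is not LD")
    return (insn >> 7) & 0x1F, (insn >> 15) & 0x1F, sign_extend(insn >> 20, 12)


def got_slot_address(pc, auipc_word, ld_word):
    """Address read by an `auipc rX,hi ; ld rX,lo(rX)` pair located at pc."""
    rd_hi, hi = decode_auipc(auipc_word)
    rd_lo, rs1, lo = decode_ld(ld_word)
    if not rd_hi == rs1 == rd_lo:
        raise ValueError("auipc/ld pair must use a single register")
    return (pc + hi + lo) & MASK64


def parse_rela(blob):
    """Split a raw .rela.* section into (r_offset, sym_index, type, addend)."""
    return [(off, info >> 32, info & 0xFFFFFFFF, addend)
            for off, info, addend in struct.iter_unpack(RELA_FMT, blob)]


def apply_r_riscv_64(got, got_vaddr, load_base, rela, symvals):
    """Resolve R_RISCV_64 entries in a GOT image: slot = load_base + S + A."""
    got = bytearray(got)
    for off, sym, rtype, addend in rela:
        if rtype != R_RISCV_64:
            continue  # GOT_HI20 / PCREL_LO12_I are link-time, not loader, work
        value = (load_base + symvals[sym] + addend) & MASK64
        at = off - got_vaddr
        got[at:at + 8] = struct.pack("<Q", value)
    return bytes(got)


# Values copied from the relocation.so listings above.
SO_PC, SO_AUIPC, SO_LD = 0x218, 0x00001717, 0x21873703   # auipc/ld in foo()
SO_GOT_VADDR, SO_GOT_SIZE = 0x1418, 0x20                  # .got section
SO_SYMVALS = {3: 0x238}           # .rela.dyn names dynsym 3, __clz_tab, at 0x238
SO_RELA_DYN = struct.pack(RELA_FMT, 0x1430, (3 << 32) | R_RISCV_64, 0)


def resolve_clz_tab(load_base=0x3FF7FFF000):
    """Walk GOT slot -> relocated pointer. load_base is a constructed value
    standing in for wherever the loader happens to map relocation.so."""
    slot = got_slot_address(SO_PC, SO_AUIPC, SO_LD)             # 0x1430
    rela = parse_rela(SO_RELA_DYN)
    got = apply_r_riscv_64(bytes(SO_GOT_SIZE), SO_GOT_VADDR, load_base,
                           rela, SO_SYMVALS)
    pointer = struct.unpack_from("<Q", got, slot - SO_GOT_VADDR)[0]
    return slot, rela, pointer                                   # base + 0x238


if __name__ == "__main__":
    slot, rela, pointer = resolve_clz_tab()
    print(f"GOT slot {slot:#x}, {RELOC_NAMES[rela[0][2]]} -> {pointer:#x}")
    # In relocation.o the same pair still points at itself (offset 0x18) until
    # the linker applies R_RISCV_GOT_HI20 / R_RISCV_PCREL_LO12_I from .rela.text.
    print(f"unlinked pair -> {got_slot_address(0x18, 0x00000717, 0x00073703):#x}")
```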
</div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-65261123415874056172017-05-19T08:17:00.001-07:002017-05-19T08:18:28.020-07:00Magenta RISC-V is running in kernel mode with threads.<div dir="ltr" style="text-align: left;" trbidi="on">
Great news!<br />
<br />
Magenta RISC-V port ( <a href="https://github.com/slavaim/riscv-magenta">riscv-magenta</a> ) reached a milestone. The kernel is running and switching between kernel threads.</div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-4271845419429229142017-05-16T03:22:00.002-07:002017-05-16T05:39:57.140-07:00RISC-V Magenta kernel manual stack unwinding<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
A manual stack unwinding when <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">handle_exception</code> sets a call frame</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) bt
#0 0xffffffff8002e0c4 in _panic (caller=0xffffffff80002554 <do_trap_insn_misaligned+52>, frame=0xffffffff80040de8 <init_thread_union+7656>, fmt=0xffffffff800343c8 "%s unimplemented\n")
at kernel/lib/debug/debug.c:32
#1 0xffffffff80002490 in do_trap_error (regs=0xffffffff80040e08 <init_thread_union+7688>, signo=7, code=1, addr=18446744071562076884, str=0xffffffff80034420 "Oops - instruction address misaligned")
at kernel/arch/riscv/traps.c:52
#2 0xffffffff80002554 in do_trap_insn_misaligned (regs=0xffffffff80040e08 <init_thread_union+7688>) at kernel/arch/riscv/traps.c:67
#3 0xffffffff8000027c in handle_exception () at kernel/arch/riscv/rv64/exception.S:221
Backtrace stopped: frame did not save the PC
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
A frame stack has the following layout</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">/* the frame record lives just below the frame pointer, at $s0 - 16 */
struct frame {
    void* caller_s0; /* caller's frame pointer, saved $s0 */
    void* caller_pc; /* return address, saved $ra */
};
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The current frame pointer is held in the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">s0</code> register, so each frame record is read at <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">$s0 - 16</code> and the chain is followed through the saved caller frame pointers.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) p/x $s0
$1 = 0xffffffff80040d88
(gdb) x/2xg 0xffffffff80040d88-16
0xffffffff80040d78 <init_thread_union+7544>: 0xffffffff80040de8 0xffffffff80002490
(gdb) x/2xg 0xffffffff80040de8-16
0xffffffff80040dd8 <init_thread_union+7640>: 0xffffffff80040e08 0xffffffff80002554
(gdb) x/2xg 0xffffffff80040e08-16
0xffffffff80040df8 <init_thread_union+7672>: 0xffffffff80040f30 0xffffffff8000027c
(gdb) x/2xg 0xffffffff80040f30-16
0xffffffff80040f20 <init_thread_union+7968>: 0xffffffff80040f70 0xffffffff800022d4
(gdb) x/2xg 0xffffffff80040f70-16
0xffffffff80040f60 <init_thread_union+8032>: 0xffffffff80040fb0 0xffffffff80008f20
(gdb) x/2xg 0xffffffff80040fb0-16
0xffffffff80040fa0 <init_thread_union+8096>: 0xffffffff80040fe0 0xffffffff80008ff8
(gdb) x/5i 0xffffffff8000027c
0xffffffff8000027c <handle_exception+352>: ld s1,256(sp)
0xffffffff80000280 <handle_exception+356>: csrci sstatus,2
0xffffffff80000284 <handle_exception+360>: andi s1,s1,256
0xffffffff80000288 <handle_exception+364>: bnez s1,0xffffffff80000294 <handle_exception+376>
0xffffffff8000028c <handle_exception+368>: addi s1,sp,280
(gdb) x/5i 0xffffffff800022d4
0xffffffff800022d4 <arch_thread_construct_first+36>: sw a5,0(a4)
0xffffffff800022d8 <arch_thread_construct_first+40>: jal ra,0xffffffff800021e4 <current_thread_info>
0xffffffff800022dc <arch_thread_construct_first+44>: sd a0,-40(s0)
0xffffffff800022e0 <arch_thread_construct_first+48>: ld a5,-40(s0)
0xffffffff800022e4 <arch_thread_construct_first+52>: ld a4,-56(s0)
(gdb) x/5i 0xffffffff80008f20
0xffffffff80008f20 <thread_construct_first+188>: addi a5,s0,-48
0xffffffff80008f24 <thread_construct_first+192>: li a2,0
0xffffffff80008f28 <thread_construct_first+196>: mv a1,a5
0xffffffff80008f2c <thread_construct_first+200>: lui a5,0x80045
0xffffffff80008f30 <thread_construct_first+204>: addi a0,a5,-1232
(gdb) x/5i 0xffffffff80008ff8
0xffffffff80008ff8 <thread_init_early+112>: jal ra,0xffffffff80007678 <sched_init_early>
0xffffffff80008ffc <thread_init_early+116>: nop
0xffffffff80009000 <thread_init_early+120>: ld ra,40(sp)
0xffffffff80009004 <thread_init_early+124>: ld s0,32(sp)
0xffffffff80009008 <thread_init_early+128>: ld s1,24(sp)
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
GDB cannot unwind past <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">handle_exception</code> because it is unable to verify that the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">handle_exception</code> frame is valid: the function is written in assembler with a prologue that restores <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sp</code> from a scratch register instead of initializing a frame. I added frame pointer saving to <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">handle_exception</code> after the stack pointer restoration ( <a href="https://github.com/slavaim/riscv-magenta/blob/riscv/kernel/arch/riscv/rv64/exception.S" style="box-sizing: border-box; color: #0366d6; text-decoration-line: none;">https://github.com/slavaim/riscv-magenta/blob/riscv/kernel/arch/riscv/rv64/exception.S</a> ).</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">/* a call frame to facilitate debugging */
.macro SET_GDB_FRAME
addi sp, sp, -2*SZREG /* allocate the frame */
REG_S s0, 0(sp) /* save the frame pointer as it was at the exception moment */
csrr s0, sepc /* get the exception PC */
REG_S s0, SZREG(sp) /* store the exception PC as $ra of the frame */
addi s0, sp, 2*SZREG /* set s0 to the current frame pointer */
.endm
.macro DEL_GDB_FRAME
REG_L s0, 0(sp) /* restore the caller frame pointer */
addi sp, sp, 2*SZREG /* restore the stack pointer */
.endm
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
From the frame before the exception handler we see that <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">arch_thread_construct_first</code> raised the exception. We need to examine this function's prologue to get the offset from the frame address to the bottom of its stack frame, that is, the value of <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sp</code>.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) x/10i arch_thread_construct_first
0xffffffff800022b0 <arch_thread_construct_first>: addi sp,sp,-64
0xffffffff800022b4 <arch_thread_construct_first+4>: sd ra,56(sp)
0xffffffff800022b8 <arch_thread_construct_first+8>: sd s0,48(sp)
0xffffffff800022bc <arch_thread_construct_first+12>: sd s1,40(sp)
0xffffffff800022c0 <arch_thread_construct_first+16>: addi s0,sp,64
0xffffffff800022c4 <arch_thread_construct_first+20>: mv s1,ra
0xffffffff800022c8 <arch_thread_construct_first+24>: sd a0,-56(s0)
0xffffffff800022cc <arch_thread_construct_first+28>: li a4,0
0xffffffff800022d0 <arch_thread_construct_first+32>: li a5,1
=> 0xffffffff800022d4 <arch_thread_construct_first+36>: sw a5,0(a4)
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
Now the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">$pc, $sp</code> and <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">$s0</code> (the frame pointer) registers can be set to unwind the stack as it was before the CPU entered <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">handle_exception</code>. 64 bytes are subtracted from the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">s0</code> register value to get the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sp</code> register value, according to the function prologue displayed above.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) set $pc=0xffffffff800022d4
(gdb) set $sp=0xffffffff80040f70-64
(gdb) set $s0=0xffffffff80040f70
(gdb) bt
#0 0xffffffff800022d4 in arch_thread_construct_first (t=0xffffffff800426d8 <idle_threads>) at kernel/arch/riscv/thread.c:34
#1 0xffffffff80008f20 in thread_construct_first (t=0xffffffff800426d8 <idle_threads>, name=0xffffffff80035368 "bootstrap") at kernel/kernel/thread.c:1016
#2 0xffffffff80008ff8 in thread_init_early () at kernel/kernel/thread.c:1037
#3 0xffffffff80003ec4 in lk_main () at kernel/top/main.c:53
#4 0xffffffff8000146c in _riscv_start () at kernel/arch/riscv/rv64/start.S:42
Backtrace stopped: frame did not save the PC</code></pre>
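The chain of x/2xg reads above can be automated. The C program below is an added example (not part of this post or of the riscv-magenta code): it walks the s0 chain over a constructed snapshot of the frame records printed above, using the frame layout from the struct, and stops on a misaligned or out-of-stack pointer, a chain that does not grow upward, or memory the snapshot does not cover. The stack bounds are assumptions: the base 0xffffffff8003f000 is derived from the +8096 offset gdb prints, and an 8 KiB stack size is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Frame record that a RISC-V prologue with frame pointers leaves at $s0 - 16:
 * the caller's s0 at offset 0 and the return address at offset 8. */
struct frame {
    uint64_t caller_s0;
    uint64_t caller_pc;
};

/* Constructed stack snapshot: the six x/2xg reads from the gdb session
 * above, keyed by the address they were read from ($s0 - 16). */
struct snapshot_entry {
    uint64_t addr;
    struct frame rec;
};

static const struct snapshot_entry SNAPSHOT[] = {
    { 0xffffffff80040d78ULL, { 0xffffffff80040de8ULL, 0xffffffff80002490ULL } },
    { 0xffffffff80040dd8ULL, { 0xffffffff80040e08ULL, 0xffffffff80002554ULL } },
    { 0xffffffff80040df8ULL, { 0xffffffff80040f30ULL, 0xffffffff8000027cULL } },
    { 0xffffffff80040f20ULL, { 0xffffffff80040f70ULL, 0xffffffff800022d4ULL } },
    { 0xffffffff80040f60ULL, { 0xffffffff80040fb0ULL, 0xffffffff80008f20ULL } },
    { 0xffffffff80040fa0ULL, { 0xffffffff80040fe0ULL, 0xffffffff80008ff8ULL } },
};

/* Assumed stack bounds: init_thread_union starts at 0xffffffff8003f000
 * (0xffffffff80040fa0 minus the +8096 gdb shows) and is assumed 8 KiB long. */
#define STACK_LO 0xffffffff8003f000ULL
#define STACK_HI 0xffffffff80041000ULL

/* Read the 16-byte frame record stored below s0; 0 if that memory is unknown. */
static int read_frame(uint64_t s0, struct frame *out)
{
    uint64_t addr = s0 - 2 * sizeof(uint64_t);
    for (size_t i = 0; i < sizeof(SNAPSHOT) / sizeof(SNAPSHOT[0]); i++) {
        if (SNAPSHOT[i].addr == addr) {
            *out = SNAPSHOT[i].rec;
            return 1;
        }
    }
    return 0;
}

/* Follow the s0 chain from the given frame pointer and collect return PCs,
 * exactly as the repeated x/2xg commands do by hand. The walk stops when s0 is
 * not 8-byte aligned, leaves the stack, fails to grow upward (a loop or a
 * corrupted frame), or points at memory the snapshot does not cover.
 * Returns the number of PCs written to pcs[]. */
size_t unwind(uint64_t s0, uint64_t lo, uint64_t hi, uint64_t *pcs, size_t max)
{
    size_t n = 0;
    while (n < max) {
        struct frame f;
        if (s0 % 8 != 0 || s0 < lo + 16 || s0 > hi)
            break;
        if (!read_frame(s0, &f))
            break;
        pcs[n++] = f.caller_pc;
        if (f.caller_s0 <= s0)
            break;
        s0 = f.caller_s0;
    }
    return n;
}

/* sp of a frame whose prologue allocated frame_size bytes; the
 * "addi sp,sp,-64 ... addi s0,sp,64" prologue above gives 64. */
uint64_t frame_sp(uint64_t s0, uint64_t frame_size)
{
    return s0 - frame_size;
}

int main(void)
{
    uint64_t pcs[16];
    size_t n = unwind(0xffffffff80040d88ULL, STACK_LO, STACK_HI, pcs, 16);
    for (size_t i = 0; i < n; i++)
        printf("#%zu 0x%016llx\n", i, (unsigned long long)pcs[i]);
    printf("sp for arch_thread_construct_first: 0x%016llx\n",
           (unsigned long long)frame_sp(0xffffffff80040f70ULL, 64));
    return 0;
}
```

The fourth PC it prints is sepc stored by SET_GDB_FRAME, which is how the faulting instruction in arch_thread_construct_first is found without gdb's unwinder.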
</div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-68103292182750505202017-04-03T10:51:00.000-07:002017-04-03T10:53:30.063-07:00TLB flushing call on Windows<div dir="ltr" style="text-align: left;" trbidi="on">
<div>
<span style="font-family: Courier New, Courier, monospace;">nt!KiRetireDpcList+0xd7</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;">nt!KxRetireDpcList+0x5 (TrapFrame @ fffff800`cc332e70)</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;">nt!KiDispatchInterruptContinue</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;">nt!KiDpcInterrupt+0xca (TrapFrame @ ffffd000`a9b34d90)</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;">nt!MiFlushTbList+0x20c</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;">nt!MiDeleteSystemPagableVm+0x4d9</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;">nt!MiPurgeSpecialPoolPaged+0x18</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;">nt!MmFreeSpecialPool+0x3cf</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;">nt!ExDeferredFreePool+0x677</span></div>
<div>
<span style="font-family: Courier New, Courier, monospace;">nt!VerifierExFreePoolWithTag+0x44</span></div>
</div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-87831166478838730582017-03-07T09:47:00.000-08:002017-03-07T18:11:33.543-08:00RISC-V Linux memory regions on boot<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
<span style="background-color: white;">This text is based on </span><a href="https://github.com/slavaim/riscv-notes/blob/master/linux/memory_areas_on_boot.md" style="background-color: white; color: #888888; text-decoration: none;">memory_areas_on_boot.md</a><span style="background-color: white;"> from my GitHub repo </span><a href="https://github.com/slavaim/riscv-notes" style="background-color: white; color: #888888; text-decoration: none;">riscv-notes</a><br />
<br />
On boot the kernel has the following memory areas required for code execution</div>
<ul style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px; margin-top: 0px; padding-left: 2em;">
<li style="box-sizing: border-box;">vmlinux ELF code and data sections mapped by the bootloader</li>
<li style="box-sizing: border-box; margin-top: 0.25em;">the page tables for virtual memory support created by the bootloader</li>
<li style="box-sizing: border-box; margin-top: 0.25em;">initial stack</li>
</ul>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The pages used by the above regions must be marked as reserved so they are not used for memory allocations.</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
As shown in <a href="https://github.com/slavaim/riscv-notes/blob/master/linux/memory-initialization.md" style="box-sizing: border-box; color: #0366d6; text-decoration: none;">https://github.com/slavaim/riscv-notes/blob/master/linux/memory-initialization.md</a>, the kernel makes the following calls for memory reservation.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> memblock_reserve(info.base, __pa(_end) - info.base);
reserve_boot_page_table(pfn_to_virt(csr_read(sptbr)));
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The first call, to <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">memblock_reserve</code>, reserves the area from <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">&_start</code> to <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">&_end</code>; this area is defined in the following linker script.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">SECTIONS
{
/* Beginning of code and text segment */
. = LOAD_OFFSET;
_start = .;
__init_begin = .;
HEAD_TEXT_SECTION
INIT_TEXT_SECTION(PAGE_SIZE)
INIT_DATA_SECTION(16)
/* we have to discard exit text and such at runtime, not link time */
.exit.text :
{
EXIT_TEXT
}
.exit.data :
{
EXIT_DATA
}
PERCPU_SECTION(L1_CACHE_BYTES)
__init_end = .;
.text : {
_text = .;
_stext = .;
TEXT_TEXT
SCHED_TEXT
LOCK_TEXT
KPROBES_TEXT
ENTRY_TEXT
IRQENTRY_TEXT
*(.fixup)
_etext = .;
}
/* Start of data section */
_sdata = .;
RO_DATA_SECTION(PAGE_SIZE)
RW_DATA_SECTION(0x40, PAGE_SIZE, THREAD_SIZE)
.sdata : {
_gp = . + 0x800;
*(.sdata*)
}
.srodata : {
*(.srodata*)
}
/* End of data section */
_edata = .;
BSS_SECTION(0x20, 0, 0x20)
EXCEPTION_TABLE(0x10)
NOTES
.rel.dyn : {
*(.rel.dyn*)
}
_end = .;
STABS_DEBUG
DWARF_DEBUG
DISCARDS
}
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
As you can see, this area encompasses all kernel code and data excluding debug information. It starts at <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">ffffffff80000000</code>. You can easily find the start and end addresses in the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">System.map</code> file. These are the values for my test kernel:</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">ffffffff80000000 T _start
ffffffff803b10b4 R _end
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The second call to <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">reserve_boot_page_table</code> reserves the initial page table pages.<br />
Where is the stack reservation? The stack is reserved by the first call to <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">memblock_reserve</code> because the initial stack is allocated from the kernel data section. It is statically allocated as <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">init_thread_union.stack</code>. The <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">init_thread_union</code> has the following type definition in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">linux/linux-4.6.2/include/linux/sched.h</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">union thread_union {
struct thread_info thread_info;
unsigned long stack[THREAD_SIZE/sizeof(long)];
};
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
For my test kernel the address of the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">init_thread_union</code> is again extracted from <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">System.map</code> as</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">ffffffff8035e000 D init_thread_union
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
As you can see it is in the range of the region <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">[&_start,&_end)</code> and is in the data section.<br />
The stack pointer register is set on boot by the kernel entry routine <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">_start</code> defined in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">linux/linux-4.6.2/arch/riscv/kernel/head.S</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">__INIT
ENTRY(_start)
...
/* Initialize stack pointer */
la sp, init_thread_union + THREAD_SIZE
/* Initialize current task_struct pointer */
la tp, init_task
...
END(_start)</code></pre>
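A check that follows from the reasoning above, as an added example that is not part of this post or of the kernel: it parses a constructed System.map excerpt with the three symbols quoted above, computes the initial sp that head.S sets, and verifies that the whole initial stack lies inside the region covered by the first memblock_reserve. THREAD_SIZE is passed in as a parameter because its value depends on the kernel configuration; the 16 KiB used in main is an assumption.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed System.map excerpt: the three symbols quoted above, in the
 * "address type name" layout that System.map uses. */
static const char SYSTEM_MAP[] =
    "ffffffff80000000 T _start\n"
    "ffffffff8035e000 D init_thread_union\n"
    "ffffffff803b10b4 R _end\n";

/* Look up a symbol's address in System.map text; returns 0 if it is absent. */
static int map_lookup(const char *map, const char *name, uint64_t *addr)
{
    const char *line = map;
    while (*line) {
        unsigned long long a;
        char type;
        char sym[128];
        /* %s stops at whitespace, so each call parses only the current line */
        if (sscanf(line, "%llx %c %127s", &a, &type, sym) == 3 &&
            strcmp(sym, name) == 0) {
            *addr = (uint64_t)a;
            return 1;
        }
        const char *nl = strchr(line, '\n');
        if (!nl)
            break;
        line = nl + 1;
    }
    return 0;
}

/* Initial sp as head.S sets it: init_thread_union + THREAD_SIZE (0 if unknown). */
uint64_t initial_sp(const char *map, uint64_t thread_size)
{
    uint64_t itu;
    if (!map_lookup(map, "init_thread_union", &itu))
        return 0;
    return itu + thread_size;
}

/* 1 when the whole initial stack [init_thread_union, init_thread_union + THREAD_SIZE)
 * lies inside [_start, _end), the region the first memblock_reserve covers, so no
 * separate reservation is needed for it; 0 otherwise or when a symbol is missing. */
int stack_covered_by_kernel_image(const char *map, uint64_t thread_size)
{
    uint64_t start, end, itu;
    if (!map_lookup(map, "_start", &start) || !map_lookup(map, "_end", &end) ||
        !map_lookup(map, "init_thread_union", &itu))
        return 0;
    return itu >= start && itu + thread_size <= end;
}

int main(void)
{
    const uint64_t thread_size = 16 * 1024; /* assumed THREAD_SIZE */
    printf("initial sp: 0x%016llx\n",
           (unsigned long long)initial_sp(SYSTEM_MAP, thread_size));
    printf("stack inside [_start,_end): %s\n",
           stack_covered_by_kernel_image(SYSTEM_MAP, thread_size) ? "yes" : "no");
    return 0;
}
```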
</div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-47189106232058983402017-03-07T04:20:00.001-08:002017-03-07T09:57:18.569-08:00RISC-V Linux kernel memory initialization on boot.<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
<span style="background-color: white;">This text is based on </span><a href="https://github.com/slavaim/riscv-notes/blob/master/linux/memory-initialization.md" style="background-color: white; color: #888888; text-decoration: none;">memory-initialization.md</a><span style="background-color: white;"> from my GitHub repo </span><a href="https://github.com/slavaim/riscv-notes" style="background-color: white; color: #888888; text-decoration: none;">riscv-notes</a></div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The kernel is started with virtual memory already initialized by the machine-level bootloader BBL. A more detailed description can be found in <a href="https://github.com/slavaim/riscv-notes/blob/master/bbl/supervisor_vm_init.md">supervisor_vm_init.md</a>.</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The kernel start offset <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">PAGE_OFFSET</code> is defined in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">linux/linux-4.6.2/arch/riscv/include/asm/page.h</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">/*
* PAGE_OFFSET -- the first address of the first page of memory.
* When not using MMU this corresponds to the first free page in
* physical memory (aligned on a page boundary).
*/
#ifdef CONFIG_64BIT
#define PAGE_OFFSET _AC(0xffffffff80000000,UL)
#else
#define PAGE_OFFSET _AC(0xc0000000,UL)
#endif
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
BBL initializes virtual memory for supervisor mode, maps the Linux kernel at <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">PAGE_OFFSET</code>, points the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sptbr</code> register at the physical root page table, and switches to supervisor mode with <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">$pc</code> set to the entry point <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">_start</code>. BBL does this in the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">enter_supervisor_mode</code> function defined in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">riscv-tools/riscv-pk/machine/minit.c</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">void enter_supervisor_mode(void (*fn)(uintptr_t), uintptr_t stack)
{
    /* mret will return to supervisor mode (MPP = S) with interrupts disabled (MPIE = 0) */
    uintptr_t mstatus = read_csr(mstatus);
    mstatus = INSERT_FIELD(mstatus, MSTATUS_MPP, PRV_S);
    mstatus = INSERT_FIELD(mstatus, MSTATUS_MPIE, 0);
    write_csr(mstatus, mstatus);
    /* machine-mode trap stack for later ecalls/traps from supervisor mode */
    write_csr(mscratch, MACHINE_STACK_TOP() - MENTRY_FRAME_SIZE);
    /* mret jumps to fn, i.e. the kernel entry point _start */
    write_csr(mepc, fn);
    /* root page table physical page number; paging is live from the first kernel instruction */
    write_csr(sptbr, (uintptr_t)root_page_table >> RISCV_PGSHIFT);
    asm volatile ("mv a0, %0; mv sp, %0; mret" : : "r" (stack));
    __builtin_unreachable();
}
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
An important difference between RISC-V and many other CPUs (e.g. x86) is that the Linux kernel's entry point is called with virtual memory already initialized by a bootloader executing at a higher privilege mode.</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
Memory management is initialized in the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">setup_arch</code> routine defined in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">linux/linux-4.6.2/arch/riscv/kernel/setup.c</code>; only the memory management related part of the function is shown below</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">void __init setup_arch(char **cmdline_p)
{
    ...
    init_mm.start_code = (unsigned long) _stext;
    init_mm.end_code = (unsigned long) _etext;
    init_mm.end_data = (unsigned long) _edata;
    init_mm.brk = (unsigned long) _end;
    setup_bootmem();
    ....
    paging_init();
    ....
}
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">_stext, _etext, _edata, _end</code> global symbols are defined in the linker script <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">linux/linux-4.6.2/arch/riscv/kernel/vmlinux.lds.S</code>, which defines the kernel memory layout; they mark the kernel section boundaries. A thorough description of linker scripts can be found at <a href="https://sourceware.org/binutils/docs/ld/Scripts.html" style="box-sizing: border-box; color: #0366d6; text-decoration: none;">https://sourceware.org/binutils/docs/ld/Scripts.html</a>.</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The first function called is <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">setup_bootmem</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">static void __init setup_bootmem(void)
{
    unsigned long ret;
    memory_block_info info;

    ret = sbi_query_memory(0, &info);
    BUG_ON(ret != 0);
    BUG_ON((info.base & ~PMD_MASK) != 0);
    BUG_ON((info.size & ~PMD_MASK) != 0);
    pr_info("Available physical memory: %ldMB\n", info.size >> 20);

    /* The kernel image is mapped at VA=PAGE_OFFSET and PA=info.base */
    va_pa_offset = PAGE_OFFSET - info.base;
    pfn_base = PFN_DOWN(info.base);

    if ((mem_size != 0) && (mem_size < info.size)) {
        memblock_enforce_memory_limit(mem_size);
        info.size = mem_size;
        pr_notice("Physical memory usage limited to %lluMB\n",
                  (unsigned long long)(mem_size >> 20));
    }

    set_max_mapnr(PFN_DOWN(info.size));
    max_low_pfn = PFN_DOWN(info.base + info.size);

#ifdef CONFIG_BLK_DEV_INITRD
    setup_initrd();
#endif /* CONFIG_BLK_DEV_INITRD */

    memblock_reserve(info.base, __pa(_end) - info.base);
    reserve_boot_page_table(pfn_to_virt(csr_read(sptbr)));
    memblock_allow_resize();
}
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The Linux kernel queries the available memory size in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">setup_bootmem</code> by invoking the SBI interface's <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sbi_query_memory</code>, which results in a call to the BBL routine <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">__sbi_query_memory</code>. This routine executes (surprisingly) in supervisor mode: the SBI has been mapped into the supervisor virtual address space, and no <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">ecall</code> instruction is issued for <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sbi_query_memory</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">uintptr_t __sbi_query_memory(uintptr_t id, memory_block_info *p)
{
    if (id == 0) {
        p->base = first_free_paddr;
        p->size = mem_size + DRAM_BASE - p->base;
        return 0;
    }
    return -1;
}
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
More about SBI can be found at <a href="https://github.com/slavaim/riscv-notes/blob/master/bbl/sbi-to-linux.md" style="box-sizing: border-box; color: #0366d6; text-decoration: none;">https://github.com/slavaim/riscv-notes/blob/master/bbl/sbi-to-linux.md</a>.<br />
The kernel reserves the pages occupied by the kernel image with a call to <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">memblock_reserve(info.base, __pa(_end) - info.base);</code>. Then a call to <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">reserve_boot_page_table(pfn_to_virt(csr_read(sptbr)));</code> reserves the pages occupied by the page table allocated by the bootloader, i.e. BBL. The Linux kernel finds the page table allocated and initialized by BBL by reading its location from the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sptbr</code> register and converting it to a virtual address with <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">pfn_to_virt</code>. The same virtual address is also saved as the master kernel page table pointer <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">init_mm.pgd</code>. The snippet is from <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">linux/linux-4.6.2/arch/riscv/mm/init.c</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">void __init paging_init(void)
{
    init_mm.pgd = (pgd_t *)pfn_to_virt(csr_read(sptbr));
    ....
}</code></pre>
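<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The arithmetic in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">setup_bootmem</code> and the two reservations above, as an added example that is not kernel code: a self-contained C model of the linear map offset, the PFN limits, the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">mem=</code> limit path and the reserved ranges, with the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">BUG_ON</code> alignment checks turned into error returns. The 4 KiB page and 2 MiB PMD constants, the 64-bit <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">PAGE_OFFSET</code> from <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">page.h</code> and the sample memory block are assumptions.</div>

```c
/* Added example: a model of the setup_bootmem() arithmetic shown above
 * (linux-4.6.2 arch/riscv/kernel/setup.c). It is not kernel code.
 * Assumed Sv39 constants: 4 KiB pages, 2 MiB PMD granularity and the
 * 64-bit PAGE_OFFSET from arch/riscv/include/asm/page.h. */
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT   12
#define PMD_SHIFT    21
#define PMD_MASK     (~((1UL << PMD_SHIFT) - 1))
#define PAGE_OFFSET  0xffffffff80000000UL
#define PFN_DOWN(x)  ((x) >> PAGE_SHIFT)

/* What sbi_query_memory(0, &info) returns: the first free physical
 * address after BBL and the amount of DRAM from there to the end. */
typedef struct { uint64_t base, size; } memory_block_info;

/* A reserved physical range, standing in for a memblock.reserved entry. */
typedef struct { uint64_t base, size; } reserved_range;

/* The globals the real setup_bootmem() leaves behind. */
typedef struct {
    uint64_t va_pa_offset;   /* PAGE_OFFSET - info.base */
    uint64_t pfn_base;       /* first PFN the kernel manages */
    uint64_t max_mapnr;      /* number of managed PFNs */
    uint64_t max_low_pfn;    /* one past the last managed PFN */
    reserved_range res[2];   /* [0] kernel image, [1] BBL root page table */
} bootmem_state;

/* On RISC-V the linear map is a constant offset: __pa() and __va(). */
static uint64_t model_pa(const bootmem_state *s, uint64_t va) { return va - s->va_pa_offset; }
static uint64_t model_va(const bootmem_state *s, uint64_t pa) { return pa + s->va_pa_offset; }

/* Returns 0 on success, or a negative code where the kernel would BUG_ON().
 * end_va:    the _end linker symbol (virtual end of the kernel image).
 * sptbr_ppn: the sptbr CSR value, the PPN of BBL's root page table.
 * mem_limit: the mem= command-line limit in bytes, 0 when not given. */
static int model_setup_bootmem(memory_block_info info, uint64_t end_va,
                               uint64_t sptbr_ppn, uint64_t mem_limit,
                               bootmem_state *s)
{
    /* The kernel is mapped with PMD-sized entries, so BBL must hand
     * over a 2 MiB-aligned block; anything else trips BUG_ON(). */
    if (info.base & ~PMD_MASK) return -1;
    if (info.size & ~PMD_MASK) return -2;

    /* VA=PAGE_OFFSET <-> PA=info.base fixes the linear map. */
    s->va_pa_offset = PAGE_OFFSET - info.base;
    s->pfn_base     = PFN_DOWN(info.base);

    /* mem= can only shrink what the kernel will manage. */
    if (mem_limit != 0 && mem_limit < info.size)
        info.size = mem_limit;
    s->max_mapnr   = PFN_DOWN(info.size);
    s->max_low_pfn = PFN_DOWN(info.base + info.size);

    /* memblock_reserve(info.base, __pa(_end) - info.base): keep the
     * allocator away from kernel text and data. */
    s->res[0].base = info.base;
    s->res[0].size = model_pa(s, end_va) - info.base;

    /* reserve_boot_page_table(pfn_to_virt(csr_read(sptbr))): the live
     * root page table, which becomes init_mm.pgd in paging_init().
     * The real function also walks the lower-level tables; this model
     * reserves the root page only. */
    s->res[1].base = sptbr_ppn << PAGE_SHIFT;
    s->res[1].size = 1UL << PAGE_SHIFT;
    return 0;
}

/* True when the physical address lies inside a reserved range, i.e. the
 * page allocator must never hand it out. */
static int model_is_reserved(const bootmem_state *s, uint64_t pa)
{
    for (int i = 0; i < 2; i++)
        if (pa >= s->res[i].base && pa - s->res[i].base < s->res[i].size)
            return 1;
    return 0;
}

int main(void)
{
    /* Constructed sample: the first 2 MiB of DRAM (from 0x80000000) stay
     * with BBL, the kernel image is 6 MiB, the root page table is in BBL memory. */
    memory_block_info info = { 0x80200000UL, 0x7e00000UL };
    bootmem_state s;
    if (model_setup_bootmem(info, PAGE_OFFSET + 0x600000UL, 0x80001UL, 0, &s) != 0)
        return 1;
    printf("va_pa_offset=%#lx pfn_base=%#lx max_low_pfn=%#lx\n",
           (unsigned long)s.va_pa_offset, (unsigned long)s.pfn_base,
           (unsigned long)s.max_low_pfn);
    printf("__pa(_end)=%#lx reserved(_end)=%d reserved(pgd)=%d\n",
           (unsigned long)model_pa(&s, PAGE_OFFSET + 0x600000UL),
           model_is_reserved(&s, 0x80800000UL), model_is_reserved(&s, 0x80001000UL));
    return 0;
}
```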
</div>
Slava Imameev, 2017-03-05: RISC-V SBI mapping to Linux<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
<span style="background-color: white;">This text is based on </span><a href="https://github.com/slavaim/riscv-notes/blob/master/bbl/sbi-to-linux.md" style="background-color: white; color: #888888; text-decoration: none;">sbi-to-linux.md</a><span style="background-color: white;"> from my GitHub repo </span><a href="https://github.com/slavaim/riscv-notes" style="background-color: white; color: #888888; text-decoration: none;">riscv-notes</a></div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The machine-level SBI (Supervisor Binary Interface) is exported to the Linux kernel by mapping it at the top of the address space.</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The mapping is performed by BBL in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">supervisor_vm_init</code> defined in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">riscv-tools/riscv-pk/bbl/bbl.c</code>.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">  // map SBI at top of vaddr space
  extern char _sbi_end;
  uintptr_t num_sbi_pages = ((uintptr_t)&_sbi_end - DRAM_BASE - 1) / RISCV_PGSIZE + 1;
  assert(num_sbi_pages <= (1 << RISCV_PGLEVEL_BITS));
  for (uintptr_t i = 0; i < num_sbi_pages; i++) {
    uintptr_t idx = (1 << RISCV_PGLEVEL_BITS) - num_sbi_pages + i;
    sbi_pt[idx] = pte_create((DRAM_BASE / RISCV_PGSIZE) + i, PTE_G | PTE_R | PTE_X);
  }
  pte_t* sbi_pte = middle_pt + ((num_middle_pts << RISCV_PGLEVEL_BITS)-1);
  assert(!*sbi_pte);
  *sbi_pte = ptd_create((uintptr_t)sbi_pt >> RISCV_PGSHIFT);
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
You can read more on <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">supervisor_vm_init</code> at <a href="https://github.com/slavaim/riscv-notes/blob/master/bbl/supervisor_vm_init.md" style="box-sizing: border-box; color: #0366d6; text-decoration: none;">https://github.com/slavaim/riscv-notes/blob/master/bbl/supervisor_vm_init.md</a>. From the code above you can see that the last page, the one ending at the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">_sbi_end</code> physical address, is mapped at the last page of the supervisor virtual address space.</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The offsets to SBI entry points are defined in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">riscv-tools/riscv-pk/machine/sbi.S</code> as</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">.globl sbi_hart_id; sbi_hart_id = -2048
.globl sbi_num_harts; sbi_num_harts = -2032
.globl sbi_query_memory; sbi_query_memory = -2016
.globl sbi_console_putchar; sbi_console_putchar = -2000
.globl sbi_console_getchar; sbi_console_getchar = -1984
.globl sbi_send_ipi; sbi_send_ipi = -1952
.globl sbi_clear_ipi; sbi_clear_ipi = -1936
.globl sbi_timebase; sbi_timebase = -1920
.globl sbi_shutdown; sbi_shutdown = -1904
.globl sbi_set_timer; sbi_set_timer = -1888
.globl sbi_mask_interrupt; sbi_mask_interrupt = -1872
.globl sbi_unmask_interrupt; sbi_unmask_interrupt = -1856
.globl sbi_remote_sfence_vm; sbi_remote_sfence_vm = -1840
.globl sbi_remote_sfence_vm_range; sbi_remote_sfence_vm_range = -1824
.globl sbi_remote_fence_i; sbi_remote_fence_i = -1808
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
These definitions are offsets from the top of the address space for the SBI trampoline stubs defined in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">riscv-tools/riscv-pk/machine/sbi_entry.S</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">  # hart_id
  .align 4
  li a7, MCALL_HART_ID
  ecall
  ret

  # num_harts
  .align 4
  lw a0, num_harts
  ret

  # query_memory
  .align 4
  tail __sbi_query_memory
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The start of the SBI trampoline stub code is defined as <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sbi_base</code> and is aligned to a page boundary by the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">.align RISCV_PGSHIFT</code> directive. The first <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">RISCV_PGSIZE - 2048</code> bytes are reserved by the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">.skip RISCV_PGSIZE - 2048</code> directive, so the first stub instruction starts 2048 bytes below the top of the page. The layout is defined as</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">  .align RISCV_PGSHIFT
  .globl sbi_base
sbi_base:
  # TODO: figure out something better to do with this space. It's not
  # protected from the OS, so beware.
  .skip RISCV_PGSIZE - 2048
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The end of the section is also aligned to a page boundary and is defined as</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> .align RISCV_PGSHIFT
.globl _sbi_end
_sbi_end:
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The SBI trampoline stub section <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">.sbi</code> is placed at the end of BBL, just before the payload, by the layout defined in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">riscv-tools/riscv-pk/bbl/bbl.lds</code> as</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">  .sbi :
  {
    *(.sbi)
  }

  .payload :
  {
    *(.payload)
  }

  _end = .;
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
So the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">supervisor_vm_init</code> code that maps machine-level physical addresses to supervisor virtual addresses places the BBL <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">.sbi</code> section, which contains the SBI trampoline stubs, at the top of the supervisor virtual address space.</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The Linux kernel reaches the SBI trampoline stubs by calling the offsets defined in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">linux/linux-4.6.2/arch/riscv/kernel/sbi.S</code>, which is a carbon copy of <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">riscv-tools/riscv-pk/machine/sbi.S</code>. For example, here is a snippet from the Linux kernel entry point <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">_start</code> defined in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">linux/linux-4.6.2/arch/riscv/kernel/head.S</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> /* See if we're the main hart */
call sbi_hart_id
bnez a0, .Lsecondary_start
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
GCC translates this code to an absolute jump through the zero register, because the stub symbols resolve to fixed negative offsets:</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> 0xffffffff80000018 <+24>: jalr -2048(zero) # 0xfffffffffffff800
0xffffffff8000001c <+28>: bnez a0,0xffffffff80000054 <_start+84>
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
The address <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">0xfffffffffffff800</code> is 2048 bytes below the top of the virtual address space, i.e. inside its last page. As we saw above, this page is backed by the physical page holding the SBI trampoline stubs, which start at the machine-level physical address <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sbi_base</code>. Disassembly shows the SBI trampoline stubs 16 bytes apart at the following offsets</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> 0xfffffffffffff800 which is sbi_hart_id = -2048
0xfffffffffffff810 which is sbi_num_harts = -2032
0xfffffffffffff820 which is sbi_query_memory = -2016
0xfffffffffffff830 which is sbi_console_putchar = -2000
etc
</code></pre>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) x/48i 0xfffffffffffff800
0xfffffffffffff800: li a7,0
0xfffffffffffff804: ecall
0xfffffffffffff808: ret
0xfffffffffffff80c: nop
0xfffffffffffff810: auipc a0,0xfffff
0xfffffffffffff814: lw a0,-1888(a0)
0xfffffffffffff818: ret
0xfffffffffffff81c: nop
0xfffffffffffff820: j 0xffffffffffff92c0
0xfffffffffffff824: nop
0xfffffffffffff828: nop
0xfffffffffffff82c: nop
0xfffffffffffff830: li a7,1
0xfffffffffffff834: ecall
0xfffffffffffff838: ret
0xfffffffffffff83c: nop
0xfffffffffffff840: li a7,2
0xfffffffffffff844: ecall
0xfffffffffffff848: ret
0xfffffffffffff84c: nop
0xfffffffffffff850: unimp
0xfffffffffffff854: nop
0xfffffffffffff858: nop
0xfffffffffffff85c: nop
0xfffffffffffff860: li a7,4
0xfffffffffffff864: ecall
0xfffffffffffff868: ret
0xfffffffffffff86c: nop
0xfffffffffffff870: li a7,5
0xfffffffffffff874: ecall
0xfffffffffffff878: ret
0xfffffffffffff87c: nop
0xfffffffffffff880: lui a0,0x989
0xfffffffffffff884: addiw a0,a0,1664
0xfffffffffffff888: ret
0xfffffffffffff88c: nop
0xfffffffffffff890: li a7,6
0xfffffffffffff894: ecall
0xfffffffffffff898: nop
0xfffffffffffff89c: nop
0xfffffffffffff8a0: li a7,7
0xfffffffffffff8a4: ecall
0xfffffffffffff8a8: ret
0xfffffffffffff8ac: nop
0xfffffffffffff8b0: j 0xffffffffffff92f8
0xfffffffffffff8b4: nop
0xfffffffffffff8b8: nop
0xfffffffffffff8bc: nop
</code></pre>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
As you can see, not all SBI trampoline stubs execute an <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">ecall</code> to trap into a higher privilege level (machine level in this case). For example, <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">query_memory</code> is just an unconditional jump into the SBI code that is mapped into the Linux kernel address space.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> 0xfffffffffffff820: j 0xffffffffffff92c0
</code></pre>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
In that case the CPU does not switch to machine level; it continues in supervisor mode with virtual memory enabled. When the CPU does trap into machine mode, address translation is switched off and it works with physical addresses again. Below is the call stack when <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">query_memory</code> is called. As you can see, the CPU keeps running with address translation enabled and uses virtual addresses. The debugger could not resolve the call into <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">query_memory</code> in BBL because it was not aware that the code had been remapped into the Linux kernel address space.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">#0 0xffffffffffff92c8 in ?? ()
#1 0xffffffff80002c38 in setup_bootmem () at arch/riscv/kernel/setup.c:149
#2 setup_arch (cmdline_p=<optimized out>) at arch/riscv/kernel/setup.c:152
#3 0xffffffff80000898 in start_kernel () at init/main.c:500
#4 0xffffffff80000040 in _start () at arch/riscv/kernel/head.S:36
</code></pre>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
I guess that one possible reason for implementing <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">query_memory</code> this way is to simplify development: the function returns a structure, which would otherwise require either packing it into registers or translating addresses in the Linux kernel or in the BBL SBI.</div>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
The call stack for <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sbi_hart_id</code> looks different</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">#0 0x0000000080000c90 in mcall_trap (regs=0x82660ec0, mcause=9, mepc=18446744073709549572) at ../machine/mtrap.c:210
#1 0x00000000800000ec in trap_vector () at ../machine/mentry.S:116
Backtrace stopped: frame did not save the PC
(gdb) p/x mepc
$4 = 0xfffffffffffff804
</code></pre>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
Address translation is disabled here and the CPU works with physical addresses; <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">mcause=9</code> is the exception code for an environment call from supervisor mode. The debugger was unable to cross the boundary back to the Linux kernel stack, which would require handling the address space switch. As you can see, the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">mepc</code> register points to the supervisor-mode virtual address of the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">ecall</code> instruction</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> 0xfffffffffffff800: li a7,0
0xfffffffffffff804: ecall
0xfffffffffffff808: ret</code></pre>
</div>
</div>
Slava Imameev (http://www.blogger.com/profile/13578278454699273419), published 2017-03-05: RISC-V BBL supervisor_vm_init<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
<span style="background-color: white;">This text is based on </span><a href="https://github.com/slavaim/riscv-notes/blob/master/bbl/supervisor_vm_init.md" style="background-color: white; color: #888888; text-decoration: none;">supervisor_vm_init.md</a><span style="background-color: white;"> from my GitHub repo </span><a href="https://github.com/slavaim/riscv-notes" style="background-color: white; color: #888888; text-decoration: none;">riscv-notes</a></div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The function builds the page table structures that map the RISC-V BBL payload into supervisor mode. It runs at machine level, in the physical address space. Don't be fooled by the presence of supervisor virtual addresses: they are converted to machine-level physical addresses before being accessed.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">static void supervisor_vm_init()
{
  uintptr_t highest_va = DRAM_BASE - first_free_paddr;
  mem_size = MIN(mem_size, highest_va - info.first_user_vaddr) & -MEGAPAGE_SIZE;

  pte_t* sbi_pt = (pte_t*)(info.first_vaddr_after_user + info.load_offset);
  memset(sbi_pt, 0, RISCV_PGSIZE);

  pte_t* middle_pt = (void*)sbi_pt + RISCV_PGSIZE;
#if __riscv_xlen == 32
  size_t num_middle_pts = 1;
  pte_t* root_pt = middle_pt;
  memset(root_pt, 0, RISCV_PGSIZE);
#else
  size_t num_middle_pts = (-info.first_user_vaddr - 1) / GIGAPAGE_SIZE + 1;
  pte_t* root_pt = (void*)middle_pt + num_middle_pts * RISCV_PGSIZE;
  memset(middle_pt, 0, (num_middle_pts + 1) * RISCV_PGSIZE);
  for (size_t i = 0; i < num_middle_pts; i++)
    root_pt[(1<<RISCV_PGLEVEL_BITS)-num_middle_pts+i] = ptd_create(((uintptr_t)middle_pt >> RISCV_PGSHIFT) + i);
#endif

  for (uintptr_t vaddr = info.first_user_vaddr, paddr = vaddr + info.load_offset, end = info.first_vaddr_after_user;
       paddr < DRAM_BASE + mem_size; vaddr += MEGAPAGE_SIZE, paddr += MEGAPAGE_SIZE) {
    int l2_shift = RISCV_PGLEVEL_BITS + RISCV_PGSHIFT;
    size_t l2_idx = (info.first_user_vaddr >> l2_shift) & ((1 << RISCV_PGLEVEL_BITS)-1);
    l2_idx += ((vaddr - info.first_user_vaddr) >> l2_shift);
    middle_pt[l2_idx] = pte_create(paddr >> RISCV_PGSHIFT, PTE_G | PTE_R | PTE_W | PTE_X);
  }

  // map SBI at top of vaddr space
  extern char _sbi_end;
  uintptr_t num_sbi_pages = ((uintptr_t)&_sbi_end - DRAM_BASE - 1) / RISCV_PGSIZE + 1;
  assert(num_sbi_pages <= (1 << RISCV_PGLEVEL_BITS));
  for (uintptr_t i = 0; i < num_sbi_pages; i++) {
    uintptr_t idx = (1 << RISCV_PGLEVEL_BITS) - num_sbi_pages + i;
    sbi_pt[idx] = pte_create((DRAM_BASE / RISCV_PGSIZE) + i, PTE_G | PTE_R | PTE_X);
  }

  pte_t* sbi_pte = middle_pt + ((num_middle_pts << RISCV_PGLEVEL_BITS)-1);
  assert(!*sbi_pte);
  *sbi_pte = ptd_create((uintptr_t)sbi_pt >> RISCV_PGSHIFT);

  mb();
  root_page_table = root_pt;
  write_csr(sptbr, (uintptr_t)root_pt >> RISCV_PGSHIFT);
}
</code></pre>
<h3 style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 1.25em; line-height: 1.25; margin-bottom: 16px; margin-top: 24px;">
Commentary</h3>
<div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
Let's look at this function's code flow.</div>
</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">uintptr_t highest_va = DRAM_BASE - first_free_paddr;
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The above operation calculates the highest supervisor VA (virtual address), <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">highest_va</code>. <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">DRAM_BASE</code> is less than <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">first_free_paddr</code>, which is the address of the first free megapage after BBL and the payload were loaded into DRAM starting at the machine-level address <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">DRAM_BASE</code>. On my test system <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">DRAM_BASE = 0x80000000</code> and <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">first_free_paddr = 0x82800000</code>; these are machine-level physical addresses, as the CPU starts in machine mode. 
The difference is a negative number, which in two's complement arithmetic gives a valid supervisor virtual address at the top of the 64-bit address range: <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">highest_va = 0xfffffffffd800000</code>. This leaves a range of <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">first_free_paddr - DRAM_BASE</code> bytes at the top of the supervisor VA space untouched, preserving the machine-level code that is mapped there, see below.</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">info</code> structure describes the payload from its ELF header. Typical values on my system, with the Linux kernel as the payload, as printed by the GDB <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">print</code> command, are</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) p/x info
$6 = {entry = 0xffffffff80000000, first_user_vaddr = 0xffffffff80000000, first_vaddr_after_user = 0xffffffff803b2000, load_offset = 0x102800000}
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The memory size visible at machine level is</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) p/x mem_size
$16 = 0x100000000
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
It has to be clamped for the supervisor mapping. The memory size available to the supervisor is calculated as</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">mem_size = MIN(mem_size, highest_va - info.first_user_vaddr) & -MEGAPAGE_SIZE;
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
On my system this value is</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) p/x $a5
$11 = 0x7d800000
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
Then the SBI page table is allocated. This page table maps the BBL SBI code at the top of the supervisor address space.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">pte_t* sbi_pt = (pte_t*)(info.first_vaddr_after_user + info.load_offset);
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sbi_pt</code> value on my machine is</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) p/x $s1
$15 = 0x82bb2000
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
As you can see, the CPU works with machine-level addresses while <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">info.first_vaddr_after_user</code> is a supervisor virtual address; adding <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">info.load_offset</code> converts the supervisor virtual address into a machine-level physical address (the sum wraps around modulo 2^64).</div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
Then the real supervisor page table address is calculated by allocating a middle/directory table just after <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sbi_pt</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">pte_t* middle_pt = (void*)sbi_pt + RISCV_PGSIZE;
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
Then the root page table pointer is initialized.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">#if __riscv_xlen == 32
size_t num_middle_pts = 1;
pte_t* root_pt = middle_pt;
memset(root_pt, 0, RISCV_PGSIZE);
#else
size_t num_middle_pts = (-info.first_user_vaddr - 1) / GIGAPAGE_SIZE + 1;
pte_t* root_pt = (void*)middle_pt + num_middle_pts * RISCV_PGSIZE;
memset(middle_pt, 0, (num_middle_pts + 1) * RISCV_PGSIZE);
for (size_t i = 0; i < num_middle_pts; i++)
  root_pt[(1<<RISCV_PGLEVEL_BITS)-num_middle_pts+i] = ptd_create(((uintptr_t)middle_pt >> RISCV_PGSHIFT) + i);
#endif
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The supervisor page table structure is then initialized to map supervisor virtual addresses to machine level physical addresses. Note how <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">info.load_offset</code> is used again to translate a supervisor virtual address to a machine level physical address.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> for (uintptr_t vaddr = info.first_user_vaddr, paddr = vaddr + info.load_offset, end = info.first_vaddr_after_user;
      paddr < DRAM_BASE + mem_size; vaddr += MEGAPAGE_SIZE, paddr += MEGAPAGE_SIZE) {
   int l2_shift = RISCV_PGLEVEL_BITS + RISCV_PGSHIFT;
   size_t l2_idx = (info.first_user_vaddr >> l2_shift) & ((1 << RISCV_PGLEVEL_BITS)-1);
   l2_idx += ((vaddr - info.first_user_vaddr) >> l2_shift);
   middle_pt[l2_idx] = pte_create(paddr >> RISCV_PGSHIFT, PTE_G | PTE_R | PTE_W | PTE_X);
 }
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The machine level SBI (BBL) code is remapped, through the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sbi_pt</code> page table allocated earlier, at the top of the range reserved above <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">highest_va</code>. The BBL has been loaded at the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">DRAM_BASE</code> machine level physical address. This address range is mapped read only for supervisor mode. The PTEs are also marked global, so they are visible in all address spaces.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> // map SBI at top of vaddr space
 extern char _sbi_end;
 uintptr_t num_sbi_pages = ((uintptr_t)&_sbi_end - DRAM_BASE - 1) / RISCV_PGSIZE + 1;
 assert(num_sbi_pages <= (1 << RISCV_PGLEVEL_BITS));
 for (uintptr_t i = 0; i < num_sbi_pages; i++) {
   uintptr_t idx = (1 << RISCV_PGLEVEL_BITS) - num_sbi_pages + i;
   sbi_pt[idx] = pte_create((DRAM_BASE / RISCV_PGSIZE) + i, PTE_G | PTE_R | PTE_X);
 }
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
After <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sbi_pt</code> has been filled it is inserted into the supervisor page directory. This establishes the mapping visible from supervisor level.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; color: #24292e; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> pte_t* sbi_pte = middle_pt + ((num_middle_pts << RISCV_PGLEVEL_BITS)-1);
 assert(!*sbi_pte);
 *sbi_pte = ptd_create((uintptr_t)sbi_pt >> RISCV_PGSHIFT);
</code></pre>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
The last page, ending at the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">_sbi_end</code> physical address, is mapped at the last page of the virtual address space. The SBI mapping is described in detail at <a href="https://github.com/slavaim/riscv-notes/blob/master/bbl/sbi-to-linux.md" style="box-sizing: border-box; color: #0366d6; text-decoration: none;">https://github.com/slavaim/riscv-notes/blob/master/bbl/sbi-to-linux.md</a></div>
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
Before returning to the caller the function sets the page table base register for supervisor virtual address translation. The memory barrier guarantees that all memory writes have completed, so the page table is in a consistent state.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> mb();
 root_page_table = root_pt;
 write_csr(sptbr, (uintptr_t)root_pt >> RISCV_PGSHIFT);
</code></pre>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol";">
P.S. BBL sets <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">sptbr</code> to the <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">root_page_table</code> value in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">enter_supervisor_mode</code>, which makes the above call to <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">write_csr(sptbr, (uintptr_t)root_pt >> RISCV_PGSHIFT);</code> redundant.</div>
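As an added illustration (not code from the post or from riscv-pk), the following host-side C model replays the table construction described above for a constructed sample layout and then walks the result the way the MMU would, checking what the post states about the SBI window: it occupies the last pages of the virtual address space, maps the BBL pages starting at DRAM_BASE, and is read only (no PTE_W) and global. The constants, the shape of pte_create/ptd_create, the sample addresses and the check functions are assumptions of this example, not values taken from the post.

```c
#include <assert.h>
#include <stdint.h>
#include <string.h>

/* Sv39 / riscv-pk constants for an rv64 build (assumed from the toolchain
 * headers, not taken from the post). */
#define RISCV_PGSHIFT      12
#define RISCV_PGSIZE       (1UL << RISCV_PGSHIFT)
#define RISCV_PGLEVEL_BITS 9
#define PT_ENTRIES         (1UL << RISCV_PGLEVEL_BITS)
#define MEGAPAGE_SIZE      (1UL << (RISCV_PGSHIFT + RISCV_PGLEVEL_BITS))
#define GIGAPAGE_SIZE      (1UL << (RISCV_PGSHIFT + 2 * RISCV_PGLEVEL_BITS))
#define PTE_PPN_SHIFT      10
#define DRAM_BASE          0x80000000UL
enum { PTE_V = 0x01, PTE_R = 0x02, PTE_W = 0x04, PTE_X = 0x08, PTE_G = 0x20 };

/* Constructed sample layout (hypothetical, not from the post): Linux linked at
 * 0xffffffff80000000 and copied one megapage past BBL, 128 MiB of DRAM, a
 * 64 KiB BBL image (_sbi_end - DRAM_BASE). */
#define FIRST_USER_VADDR 0xffffffff80000000UL
#define KERNEL_PADDR     (DRAM_BASE + MEGAPAGE_SIZE)
#define LOAD_OFFSET      (KERNEL_PADDR - FIRST_USER_VADDR) /* wraps mod 2^64 */
#define MEM_SIZE         (128UL << 20)
#define SBI_BYTES        (64UL << 10)

typedef uint64_t pte_t;

/* Same shape as the riscv-pk helpers (assumed): a leaf carries R/W/X, a
 * pointer to the next level carries only V. */
static pte_t pte_create(uintptr_t ppn, int type) { return (ppn << PTE_PPN_SHIFT) | PTE_V | type; }
static pte_t ptd_create(uintptr_t ppn) { return pte_create(ppn, 0); }

/* Page-aligned storage standing in for the pages BBL carves out after
 * highest_va (sbi_pt, the middle tables, then the root). Host addresses play
 * the role of M-mode physical addresses, as BBL's own pointer casts do. */
static pte_t table_mem[4 * PT_ENTRIES] __attribute__((aligned(4096)));

/* Replays the sequence from the post and returns the root table. */
pte_t *build_supervisor_pt(void)
{
    pte_t *sbi_pt = table_mem;
    memset(sbi_pt, 0, RISCV_PGSIZE);
    pte_t *middle_pt = (pte_t *)((char *)sbi_pt + RISCV_PGSIZE);
    size_t num_middle_pts = (-FIRST_USER_VADDR - 1) / GIGAPAGE_SIZE + 1; /* 2 here */
    assert(num_middle_pts + 2 <= 4);
    pte_t *root_pt = (pte_t *)((char *)middle_pt + num_middle_pts * RISCV_PGSIZE);
    memset(middle_pt, 0, (num_middle_pts + 1) * RISCV_PGSIZE);
    for (size_t i = 0; i < num_middle_pts; i++)
        root_pt[PT_ENTRIES - num_middle_pts + i] = ptd_create(((uintptr_t)middle_pt >> RISCV_PGSHIFT) + i);

    /* kernel megapages: supervisor VA -> PA through load_offset, RWX, global */
    for (uintptr_t vaddr = FIRST_USER_VADDR, paddr = vaddr + LOAD_OFFSET;
         paddr < DRAM_BASE + MEM_SIZE; vaddr += MEGAPAGE_SIZE, paddr += MEGAPAGE_SIZE) {
        int l2_shift = RISCV_PGLEVEL_BITS + RISCV_PGSHIFT;
        size_t l2_idx = (FIRST_USER_VADDR >> l2_shift) & (PT_ENTRIES - 1);
        l2_idx += (vaddr - FIRST_USER_VADDR) >> l2_shift;
        middle_pt[l2_idx] = pte_create(paddr >> RISCV_PGSHIFT, PTE_G | PTE_R | PTE_W | PTE_X);
    }

    /* SBI pages at the top of the VA space: read + execute only, global */
    uintptr_t num_sbi_pages = (SBI_BYTES - 1) / RISCV_PGSIZE + 1;
    assert(num_sbi_pages <= PT_ENTRIES);
    for (uintptr_t i = 0; i < num_sbi_pages; i++)
        sbi_pt[PT_ENTRIES - num_sbi_pages + i] =
            pte_create((DRAM_BASE / RISCV_PGSIZE) + i, PTE_G | PTE_R | PTE_X);

    /* hook sbi_pt into the last slot of the last middle table */
    pte_t *sbi_pte = middle_pt + ((num_middle_pts << RISCV_PGLEVEL_BITS) - 1);
    assert(!*sbi_pte);
    *sbi_pte = ptd_create((uintptr_t)sbi_pt >> RISCV_PGSHIFT);
    return root_pt;
}

/* Sv39 software walk: returns the leaf PTE for va (0 if unmapped) and stores
 * the physical address in *pa; the level shift handles superpage offsets. */
pte_t sv39_translate(const pte_t *root, uintptr_t va, uintptr_t *pa)
{
    const pte_t *table = root;
    for (int level = 2; level >= 0; level--) {
        int shift = RISCV_PGSHIFT + level * RISCV_PGLEVEL_BITS;
        pte_t pte = table[(va >> shift) & (PT_ENTRIES - 1)];
        if (!(pte & PTE_V)) return 0;
        if (pte & (PTE_R | PTE_W | PTE_X)) {
            *pa = ((pte >> PTE_PPN_SHIFT) << RISCV_PGSHIFT) | (va & ((1UL << shift) - 1));
            return pte;
        }
        table = (const pte_t *)(uintptr_t)((pte >> PTE_PPN_SHIFT) << RISCV_PGSHIFT);
    }
    return 0;
}

/* What the post states for the SBI window: every page present, global and
 * never writable, the last VA page backed by the last SBI page, and nothing
 * mapped just below the window. Returns 1 when all of that holds. */
int check_sbi_mapping(const pte_t *root)
{
    uintptr_t num_sbi_pages = (SBI_BYTES - 1) / RISCV_PGSIZE + 1;
    uintptr_t top = ~(RISCV_PGSIZE - 1), pa = 0; /* last VA page: 0xfffffffffffff000 */
    for (uintptr_t i = 0; i < num_sbi_pages; i++) {
        uintptr_t va = top - (num_sbi_pages - 1 - i) * RISCV_PGSIZE;
        pte_t pte = sv39_translate(root, va, &pa);
        if (!pte || (pte & PTE_W) || !(pte & PTE_G) || !(pte & PTE_X)) return 0;
        if (pa != DRAM_BASE + i * RISCV_PGSIZE) return 0;
    }
    return sv39_translate(root, top - num_sbi_pages * RISCV_PGSIZE, &pa) == 0;
}
```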
</div>
</div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-328057192069474512017-03-04T10:22:00.002-08:002017-03-05T20:32:19.395-08:00rv64 RISC-V booting<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="box-sizing: border-box; color: #24292e; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 16px; margin-bottom: 16px;">
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
This text is based on <a href="https://github.com/slavaim/riscv-notes/blob/master/bbl/boot.md">boot.md</a> from my GitHub repo <a href="https://github.com/slavaim/riscv-notes">riscv-notes</a><br />
<br />
After reset a rv64 RISC-V CPU fetches the first instruction from <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">DEFAULT_RSTVEC = 0x00001000</code>. For example, below is the QEMU CPU reset emulation from <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">riscv-qemu/target-riscv/cpu.c</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">static void riscv_cpu_reset(CPUState *s)
{
    RISCVCPU *cpu = RISCV_CPU(s);
    RISCVCPUClass *mcc = RISCV_CPU_GET_CLASS(cpu);
    CPURISCVState *env = &cpu->env;
    CPUState *cs = CPU(cpu);
    mcc->parent_reset(s);
#ifndef CONFIG_USER_ONLY
    tlb_flush(s, 1);
    env->priv = PRV_M;
    env->mtvec = DEFAULT_MTVEC;
#endif
    env->pc = DEFAULT_RSTVEC;
    cs->exception_index = EXCP_NONE;
}
</code></pre>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
The 0x00001000 address is mapped to ROM with trampoline code to 0x80000000. The <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">AUIPC</code> instruction shifts its 20-bit immediate 12 bits to the left and adds it to the current PC, so <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">t0 = (0x7ffff<<12) + 0x1000 = 0x80000000</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) x/2i 0x1000
0x1000: auipc t0,0x7ffff
0x1004: jr t0
</code></pre>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
For QEMU the above code is defined in <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">riscv-qemu/hw/riscv/riscv_board.c</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> uint32_t reset_vec[8] = {
     0x297 + 0x80000000 - 0x1000, /* reset vector */
     0x00028067,                  /* jump to DRAM_BASE */
     0x00000000,                  /* reserved */
     0x0,                         /* config string pointer */
     0, 0, 0, 0                   /* trap vector */
};
</code></pre>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
The 0x80000000 address is the start of DRAM, where the BBL is loaded. Below are definitions that are the same for both the QEMU and spike simulators.</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">#define DEFAULT_RSTVEC 0x00001000
#define DRAM_BASE 0x80000000
</code></pre>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
After <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">jr t0</code> has been executed the register contents are as follows (<code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">t0</code> and <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">pc</code> are equal)</div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) info registers
ra 0x0000000000000000 0
sp 0x0000000000000000 0
gp 0x0000000000000000 0
tp 0x0000000000000000 0
t0 0x0000000080000000 2147483648
t1 0x0000000000000000 0
t2 0x0000000000000000 0
fp 0x0000000000000000 0
s1 0x0000000000000000 0
a0 0x0000000000000000 0
a1 0x0000000000000000 0
a2 0x0000000000000000 0
a3 0x0000000000000000 0
a4 0x0000000000000000 0
a5 0x0000000000000000 0
a6 0x0000000000000000 0
a7 0x0000000000000000 0
s2 0x0000000000000000 0
s3 0x0000000000000000 0
s4 0x0000000000000000 0
s5 0x0000000000000000 0
s6 0x0000000000000000 0
s7 0x0000000000000000 0
s8 0x0000000000000000 0
s9 0x0000000000000000 0
s10 0x0000000000000000 0
s11 0x0000000000000000 0
t3 0x0000000000000000 0
t4 0x0000000000000000 0
t5 0x0000000000000000 0
t6 0x0000000000000000 0
pc 0x0000000080000000 2147483648
</code></pre>
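As an added example (not code from the post, QEMU or BBL), this small C model decodes the two ROM words shown above, runs them from DEFAULT_RSTVEC and checks that the hart arrives at 0x80000000 with t0 equal to pc, as the register dump shows; it also rebuilds the auipc word from the displacement between the ROM and the target the way riscv_board.c computes it. The hart_t struct and the helper names are assumptions of this example.

```c
#include <assert.h>
#include <stdint.h>
#include <string.h>

#define DEFAULT_RSTVEC 0x00001000UL
#define OPC_AUIPC 0x17
#define OPC_JALR  0x67

/* The ROM words from riscv_board.c as quoted in the post. */
static const uint32_t reset_vec[8] = {
    0x297 + 0x80000000 - 0x1000, /* reset vector: auipc t0, 0x7ffff */
    0x00028067,                  /* jump to DRAM_BASE: jalr x0, 0(t0) */
    0, 0, 0, 0, 0, 0
};

/* Hypothetical minimal hart state: 32 integer registers and the pc. */
typedef struct { uint64_t x[32]; uint64_t pc; } hart_t;

/* Builds an auipc word the way the ROM table does: opcode and rd (0x297 for
 * t0) plus the displacement from pc to target in the upper 20 bits. Returns 0
 * when the displacement is not 4 KiB aligned or does not fit, which auipc
 * cannot encode. */
uint32_t encode_auipc(uint32_t rd, uint64_t pc, uint64_t target)
{
    int64_t disp = (int64_t)(target - pc);
    if ((disp & 0xfff) || disp < -(1LL << 31) || disp >= (1LL << 31)) return 0;
    return OPC_AUIPC | (rd << 7) | ((uint32_t)disp & 0xfffff000u);
}

/* Executes one instruction; only the two opcodes the trampoline needs are
 * decoded, anything else (including the zero words) is reported as illegal. */
int step(hart_t *h, uint32_t insn)
{
    uint32_t rd = (insn >> 7) & 0x1f, rs1 = (insn >> 15) & 0x1f;
    switch (insn & 0x7f) {
    case OPC_AUIPC: {                     /* U-type: rd = pc + (imm20 << 12) */
        int64_t imm = (int32_t)(insn & 0xfffff000u);   /* sign-extends on rv64 */
        if (rd) h->x[rd] = h->pc + (uint64_t)imm;
        h->pc += 4;
        return 1;
    }
    case OPC_JALR: {                      /* I-type: pc = (rs1 + imm12) & ~1 */
        if (((insn >> 12) & 7) != 0) return 0;
        int64_t imm = (int32_t)insn >> 20;
        uint64_t target = (h->x[rs1] + (uint64_t)imm) & ~1ULL;
        if (rd) h->x[rd] = h->pc + 4;
        h->pc = target;
        return 1;
    }
    default:
        return 0;
    }
}

/* Resets the hart like riscv_cpu_reset (pc = DEFAULT_RSTVEC) and runs the ROM
 * until the pc leaves it or an illegal word is hit; returns the final pc. */
uint64_t run_reset_trampoline(hart_t *h)
{
    memset(h, 0, sizeof *h);
    h->pc = DEFAULT_RSTVEC;
    while (h->pc >= DEFAULT_RSTVEC && h->pc < DEFAULT_RSTVEC + sizeof reset_vec) {
        uint32_t insn = reset_vec[(h->pc - DEFAULT_RSTVEC) / 4];
        if (!step(h, insn)) break;
    }
    return h->pc;
}
```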
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
BBL places <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">reset_vector</code> at address 0x80000000 by putting it at the beginning of the .text.init section, which is linked at 0x80000000.</div>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
From <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">riscv-tools/riscv-pk/machine/mentry.S</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> .section .text.init,"ax",@progbits
  .globl reset_vector
reset_vector:
  j do_reset
</code></pre>
<div style="box-sizing: border-box; font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; margin-bottom: 16px;">
From <code style="background-color: rgba(27, 31, 35, 0.0470588); border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; margin: 0px; padding: 0.2em 0px;">riscv-tools/riscv-pk/pk/pk.lds</code></div>
<pre style="background-color: #f6f8fa; border-radius: 3px; box-sizing: border-box; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;"> /* Beginning of code and text segment */
 . = 0x80000000;
 _ftext = .;
 PROVIDE( eprol = . );
 .text :
 {
   *(.text.init)
}</code></pre>
</div>
</div>
</div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-15532658190473705422017-03-02T04:07:00.000-08:002017-03-04T10:33:34.918-08:00This is how Linux kernel debugging looks like<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://1.bp.blogspot.com/-l9A42Bua6yY/WLgKhp_F8FI/AAAAAAAAAtg/KUwRD4BsZowpc8jjeyhwxbVHeL3CpU4RACLcB/s1600/Screenshot%2Bfrom%2B2017-03-02%2B23-02-21.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="225" src="https://1.bp.blogspot.com/-l9A42Bua6yY/WLgKhp_F8FI/AAAAAAAAAtg/KUwRD4BsZowpc8jjeyhwxbVHeL3CpU4RACLcB/s400/Screenshot%2Bfrom%2B2017-03-02%2B23-02-21.png" width="400" /></a></div>
<br /></div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-21242691376977340862017-02-28T19:56:00.000-08:002017-02-28T20:01:40.777-08:00Linux dynamic linking for elf binary execution<div dir="ltr" style="text-align: left;" trbidi="on">
Follow this link <a href="https://github.com/slavaim/linux-notes/blob/master/dynamic-linking.md" target="_blank">https://github.com/slavaim/linux-notes/blob/master/dynamic-linking.md</a> where I used GDB to show how dynamic linking on first function invocation is implemented in Linux.<br />
<br />
<pre style="background-color: #f7f7f7; border-radius: 3px; box-sizing: border-box; color: #333333; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; font-stretch: normal; line-height: 1.45; margin-bottom: 16px; overflow: auto; padding: 16px; word-wrap: normal;"><code style="background: transparent; border-radius: 3px; border: 0px; box-sizing: border-box; display: inline; font-family: SFMono-Regular, Consolas, "Liberation Mono", Menlo, Courier, monospace; font-size: 13.6px; line-height: inherit; margin: 0px; overflow: visible; padding: 0px; word-break: normal; word-wrap: normal;">(gdb) bt
#0 strcmp () at ../sysdeps/x86_64/multiarch/../strcmp.S:142
#1 0x00007ffff7deb1d4 in _dl_name_match_p (name=0x7ffff7bd83fe "libc.so.6", map=<optimised out>) at dl-misc.c:295
#2 0x00007ffff7de402f in do_lookup_x (new_hash=new_hash@entry=2090629905, old_hash=old_hash@entry=0x7fffffffdcb0,
result=result@entry=0x7fffffffdcc0, scope=<optimised out>, i=<optimised out>, i@entry=0, flags=flags@entry=1, skip=skip@entry=0x0,
undef_map=undef_map@entry=0x7ffff7ff9520) at dl-lookup.c:462
#3 0x00007ffff7de4961 in _dl_lookup_symbol_x (undef_name=0x7ffff7bd83f9 "puts", undef_map=0x7ffff7ff9520, ref=ref@entry=0x7fffffffdd78,
symbol_scope=0x7ffff7ff9878, version=0x7ffff7fcf030, type_class=type_class@entry=1, flags=1, skip_map=skip_map@entry=0x0)
at dl-lookup.c:737
#4 0x00007ffff7de9527 in _dl_fixup (l=<optimised out>, reloc_arg=<optimised out>) at ../elf/dl-runtime.c:111
#5 0x00007ffff7df04d5 in _dl_runtime_resolve () at ../sysdeps/x86_64/dl-trampoline.S:45
#6 0x00007ffff7bd86c5 in foo () from /work/test/1/shared.o
#7 0x00000000004006f5 in main () at test.c:8</code></pre>
</div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-11883908079839009072017-02-16T20:28:00.001-08:002017-02-16T20:29:28.018-08:00What a BSOD!<div dir="ltr" style="text-align: left;" trbidi="on">
<span style="font-family: "trebuchet ms" , sans-serif;"><br /></span>
<span style="font-family: "trebuchet ms" , sans-serif;">APC_INDEX_MISMATCH (1)</span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">This is a kernel internal error. The most common reason to see this</span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">bugcheck is when a filesystem or a driver has a mismatched number of</span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">calls to disable and re-enable APCs. The key data item is the</span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">Thread->CombinedApcDisable field. This consists of two separate 16-bit</span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">fields, the SpecialApcDisable and the KernelApcDisable. A negative value</span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">of either indicates that a driver has disabled special or normal APCs</span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">(respectively) without re-enabling them; a positive value indicates that</span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">a driver has enabled special or normal APCs (respectively) too many times.</span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">Arguments:</span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">Arg1: 00007ffeb44461b4, Address of system call function or worker routine</span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">Arg2: 0000000000000000, Thread->ApcStateIndex</span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">Arg3: 000000000000ffff, (Thread->SpecialApcDisable << 16) | Thread->KernelApcDisable</span><br />
<span style="font-family: "trebuchet ms" , sans-serif;">Arg4: ffffc6816b407b80, Call type (0 - system call, 1 - worker routine)</span></div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-57109614814555244692017-02-07T09:47:00.002-08:002017-02-07T09:47:40.167-08:00A CPU made from read only memory (ROM)<div dir="ltr" style="text-align: left;" trbidi="on">
How?<br />
<br />
Read this article <a href="http://2x-1.net/ob/gray1/" target="_blank">ROM + ROM + … + ROM = CPU</a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://3.bp.blogspot.com/-Sc_0AEP7Rmg/WJoH8eUkpfI/AAAAAAAAAqc/-z2_vxbbMO8VVCkxS2MsnwcYM-0lkcmfgCLcB/s1600/register-eprom.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="145" src="https://3.bp.blogspot.com/-Sc_0AEP7Rmg/WJoH8eUkpfI/AAAAAAAAAqc/-z2_vxbbMO8VVCkxS2MsnwcYM-0lkcmfgCLcB/s400/register-eprom.png" width="400" /></a></div>
<br /></div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0tag:blogger.com,1999:blog-904367455583123402.post-77692424617068154722017-01-29T19:25:00.000-08:002017-01-29T19:27:19.777-08:00Current process when closing a kernel handle.<div dir="ltr" style="text-align: left;" trbidi="on">
If you call <b>PsGetCurrentProcess</b>() in a filter or driver when processing <b>IRP_MJ_CLEANUP</b> for a kernel handle, the System process is returned, as <b>NtClose</b>() calls <b>KeStackAttachProcess</b>() if the handle belongs to the kernel handle table of the System process.<br />
<div>
<span style="font-family: "courier new" , "courier" , monospace;"><br /></span></div>
<div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">2: kd> !thread ffffc5006e6da080</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">THREAD ffffc5006e6da080 Cid 1588.05ec Teb: 00000000002aa000 Win32Thread: 0000000000000000 WAIT: (WrResource) KernelMode Non-Alertable</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> ffffc5006be8eb70 SynchronizationEvent</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">IRP List:</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> ffffc5006e2ba140: (0006,04c0) Flags: 00000404 Mdl: 00000000</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;"> ffffc50075b8aae0: (0006,0118) Flags: 00060000 Mdl: 00000000</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">Not impersonating</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">DeviceMap ffffd58256416bd0</span></div>
<div>
<span style="font-family: "courier new" , "courier" , monospace;">Owning Process ffffc500733ff080 Image: XXXXXXXX</span></div>
<div>
<span style="background-color: yellow;"><span style="font-family: "courier new" , "courier" , monospace;">Attached Process ffffc5006b8b66c0 Image: System</span></span></div>
</div>
<div>
<br /></div>
</div>
Slava Imameevhttp://www.blogger.com/profile/13578278454699273419noreply@blogger.com0